diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-08-23 10:09:14 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-08-26 09:07:03 +0000 |
commit | 63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f (patch) | |
tree | d58934cb48f9c953b19a0d0d5cffc0d0c5561471 /nixpkgs/nixos/modules/security/pam.nix | |
parent | c4eef3dacb2a3d359561f30917d9e3cc4e041be9 (diff) | |
parent | 91a22f76cd1716f9d0149e8a5c68424bb691de15 (diff) | |
download | nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.gz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.bz2 nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.lz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.xz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.zst nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.zip |
Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs
Conflicts: nixpkgs/pkgs/build-support/go/module.nix nixpkgs/pkgs/development/python-modules/django-mailman3/default.nix
Diffstat (limited to 'nixpkgs/nixos/modules/security/pam.nix')
-rw-r--r-- | nixpkgs/nixos/modules/security/pam.nix | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/nixpkgs/nixos/modules/security/pam.nix b/nixpkgs/nixos/modules/security/pam.nix index ac9da4a823b7..a431817fe1bb 100644 --- a/nixpkgs/nixos/modules/security/pam.nix +++ b/nixpkgs/nixos/modules/security/pam.nix @@ -697,7 +697,7 @@ let session required ${config.systemd.package}/lib/security/pam_systemd_home.so '' + optionalString cfg.makeHomeDir '' - session required ${pkgs.pam}/lib/security/pam_mkhomedir.so silent skel=${config.security.pam.makeHomeDir.skelDirectory} umask=0077 + session required ${pkgs.pam}/lib/security/pam_mkhomedir.so silent skel=${config.security.pam.makeHomeDir.skelDirectory} umask=${config.security.pam.makeHomeDir.umask} '' + optionalString cfg.updateWtmp '' session required ${pkgs.pam}/lib/security/pam_lastlog.so silent @@ -902,6 +902,16 @@ in ''; }; + security.pam.makeHomeDir.umask = mkOption { + type = types.str; + default = "0077"; + example = "0022"; + description = lib.mdDoc '' + The user file mode creation mask to use on home directories + newly created by `pam_mkhomedir`. + ''; + }; + security.pam.enableSSHAgentAuth = mkOption { type = types.bool; default = false; @@ -934,7 +944,7 @@ in }; authserver = mkOption { default = null; - type = with types; nullOr string; + type = with types; nullOr str; description = lib.mdDoc '' This controls the hostname for the 9front authentication server that users will be authenticated against. |