about summary refs log tree commit diff
path: root/nixpkgs/nixos/modules/security/pam.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/modules/security/pam.nix')
-rw-r--r--nixpkgs/nixos/modules/security/pam.nix13
1 files changed, 8 insertions, 5 deletions
diff --git a/nixpkgs/nixos/modules/security/pam.nix b/nixpkgs/nixos/modules/security/pam.nix
index b7e1ea526535..c99615d5a636 100644
--- a/nixpkgs/nixos/modules/security/pam.nix
+++ b/nixpkgs/nixos/modules/security/pam.nix
@@ -943,6 +943,11 @@ let
       value.source = pkgs.writeText "${name}.pam" service.text;
     };
 
+  optionalSudoConfigForSSHAgentAuth = optionalString config.security.pam.enableSSHAgentAuth ''
+    # Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
+    Defaults env_keep+=SSH_AUTH_SOCK
+  '';
+
 in
 
 {
@@ -1532,9 +1537,7 @@ in
         concatLines
       ]);
 
-    security.sudo.extraConfig = optionalString config.security.pam.enableSSHAgentAuth ''
-      # Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
-      Defaults env_keep+=SSH_AUTH_SOCK
-    '';
-    };
+    security.sudo.extraConfig = optionalSudoConfigForSSHAgentAuth;
+    security.sudo-rs.extraConfig = optionalSudoConfigForSSHAgentAuth;
+  };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 19:03:26 +0000