From f746d8eb6eb75e1e3ceec9ed38b6bbb3fc78a2c7 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Mon, 30 Dec 2019 16:25:16 -0500 Subject: linux-pam: set sconfigdir to /etc for usage at runtime MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit So users don’t need to override the $out/etc/security files, we need to manually set this to /etc. Override it in the install phase so that we still get the example $out/etc/security files . Fixes #76713 --- pkgs/os-specific/linux/pam/default.nix | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'pkgs/os-specific/linux/pam') diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index d1a035d74480..e4429cc3bd7c 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -44,9 +44,7 @@ stdenv.mkDerivation rec { # which is done by dlopening $out/lib/security/pam_foo.so # $out/etc was also missed: pam_env(login:session): Unable to open config file - preConfigure = '' - configureFlags="$configureFlags --includedir=$out/include/security" - '' + stdenv.lib.optionalString (stdenv.hostPlatform.libc == "musl") '' + preConfigure = stdenv.lib.optionalString (stdenv.hostPlatform.libc == "musl") '' # export ac_cv_search_crypt=no # (taken from Alpine linux, apparently insecure but also doesn't build O:)) # disable insecure modules @@ -54,6 +52,15 @@ stdenv.mkDerivation rec { sed -e 's/pam_rhosts//g' -i modules/Makefile.in ''; + configureFlags = [ + "--includedir=${placeholder "out"}/include/security" + "--enable-sconfigdir=/etc/security" + ]; + + installFlags = [ + "SCONFIGDIR=${placeholder "out"}/etc/security" + ]; + doCheck = false; # fails meta = with stdenv.lib; { -- cgit 1.4.1