blob: 792d1dbb38f6831613eb26094aee9d7e9d020d02 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
# This module defines a system-wide environment that will be
# initialised by pam_env (that is, not only in shells).
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.environment;
pamProfiles =
map
(replaceStrings ["$HOME" "$USER"] ["@{HOME}" "@{PAM_USER}"])
cfg.profiles;
in
{
options = {
environment.sessionVariables = mkOption {
default = {};
description = ''
A set of environment variables used in the global environment.
These variables will be set by PAM early in the login process.
The value of each session variable can be either a string or a
list of strings. The latter is concatenated, interspersed with
colon characters.
Note, due to limitations in the PAM format values may not
contain the <literal>"</literal> character.
Also, these variables are merged into
<xref linkend="opt-environment.variables"/> and it is
therefore not possible to use PAM style variables such as
<code>@{HOME}</code>.
'';
type = with types; attrsOf (either str (listOf str));
apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else v);
};
environment.profileRelativeSessionVariables = mkOption {
type = types.attrsOf (types.listOf types.str);
example = { PATH = [ "/bin" ]; MANPATH = [ "/man" "/share/man" ]; };
description = ''
Attribute set of environment variable used in the global
environment. These variables will be set by PAM early in the
login process.
Variable substitution is available as described in
<citerefentry>
<refentrytitle>pam_env.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>.
Each attribute maps to a list of relative paths. Each relative
path is appended to the each profile of
<option>environment.profiles</option> to form the content of
the corresponding environment variable.
Also, these variables are merged into
<xref linkend="opt-environment.profileRelativeEnvVars"/> and it is
therefore not possible to use PAM style variables such as
<code>@{HOME}</code>.
'';
};
};
config = {
system.build.pamEnvironment =
let
suffixedVariables =
flip mapAttrs cfg.profileRelativeSessionVariables (envVar: suffixes:
flip concatMap pamProfiles (profile:
map (suffix: "${profile}${suffix}") suffixes
)
);
pamVariable = n: v:
''${n} DEFAULT="${concatStringsSep ":" (toList v)}"'';
pamVariables =
concatStringsSep "\n"
(mapAttrsToList pamVariable
(zipAttrsWith (n: concatLists)
[
(mapAttrs (n: toList) cfg.sessionVariables)
suffixedVariables
]));
in
pkgs.writeText "pam-environment" "${pamVariables}\n";
};
}
|