b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

nixos/pam: fix pam_tty_audit config

Browse source 
Escape the line breaks to render a valid config.
Module arguments have to be at the same line or line endings have to be
escaped with a backslash.
This commit is contained in:
Tobias Stenzel 2022-10-22 23:20:09 +02:00
parent 301aada7a6
commit 8111e4f113
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
nixos/modules/security/pam.nix
View file

@ -615,12 +615,12 @@ let
optionalString cfg.setLoginUid ''
session ${if config.boot.isContainer then "optional" else "required"} pam_loginuid.so
'' +
optionalString cfg.ttyAudit.enable ''
session required ${pkgs.pam}/lib/security/pam_tty_audit.so
open_only=${toString cfg.ttyAudit.openOnly}
${optionalString (cfg.ttyAudit.enablePattern != null) "enable=${cfg.ttyAudit.enablePattern}"}
${optionalString (cfg.ttyAudit.disablePattern != null) "disable=${cfg.ttyAudit.disablePattern}"}
'' +
optionalString cfg.ttyAudit.enable (concatStringsSep " \\\n " ([
"session required ${pkgs.pam}/lib/security/pam_tty_audit.so"
] ++ optional cfg.ttyAudit.openOnly "open_only"
++ optional (cfg.ttyAudit.enablePattern != null) "enable=${cfg.ttyAudit.enablePattern}"
++ optional (cfg.ttyAudit.disablePattern != null) "disable=${cfg.ttyAudit.disablePattern}"
)) +
optionalString cfg.makeHomeDir ''
session required ${pkgs.pam}/lib/security/pam_mkhomedir.so silent skel=${config.security.pam.makeHomeDir.skelDirectory} umask=0077
'' +