nsswitch.conf: Omit ldap unless ldap is enabled

This prevents programs from trying to find nss_ldap.
author: Eelco Dolstra <eelco.dolstra@logicblox.com> 2015-02-25 13:22:39 +0100
committer: Eelco Dolstra <eelco.dolstra@logicblox.com> 2015-02-25 14:31:13 +0100
commit: 93902ea1086d72776677d10a453fe5577022f851 (patch)
tree: 93ecc2ab9e53903b1c29443354bd70f5e90e9b85 /nixos/modules/config/nsswitch.nix
parent: 2ce047165a5e8cd4c8e5d577b6507f9febd7cd77 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/nixos/modules/config/nsswitch.nix b/nixos/modules/config/nsswitch.nix
index 549e731f3b08..a39c2895bf84 100644
--- a/nixos/modules/config/nsswitch.nix
+++ b/nixos/modules/config/nsswitch.nix
@@ -8,6 +8,7 @@ let
 
   inherit (config.services.avahi) nssmdns;
   inherit (config.services.samba) nsswins;
+  ldap = config.users.ldap.enable;
 
 in
 
@@ -40,9 +41,9 @@ in
     # should define an option used by this module.
     environment.etc."nsswitch.conf".text =
       ''
-        passwd:    files ldap
-        group:     files ldap
-        shadow:    files ldap
+        passwd:    files ${optionalString ldap "ldap"}
+        group:     files ${optionalString ldap "ldap"}
+        shadow:    files ${optionalString ldap "ldap"}
         hosts:     files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"} ${optionalString nsswins "wins"} myhostname mymachines
         networks:  files dns
         ethers:    files
author	Eelco Dolstra <eelco.dolstra@logicblox.com>	2015-02-25 13:22:39 +0100
committer	Eelco Dolstra <eelco.dolstra@logicblox.com>	2015-02-25 14:31:13 +0100
commit	93902ea1086d72776677d10a453fe5577022f851 (patch)
tree	93ecc2ab9e53903b1c29443354bd70f5e90e9b85 /nixos/modules/config/nsswitch.nix
parent	2ce047165a5e8cd4c8e5d577b6507f9febd7cd77 (diff)