diff options
| author | Jörg Thalheim <Mic92@users.noreply.github.com> | 2020-10-20 10:40:12 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-10-20 10:40:12 +0200 |
| commit | 1a9e02dec6e2dcf3d9e90ac0d5232586f991271d (patch) | |
| tree | 6e6b07c4ef7596317e2df8e4e9e7f302fb0e592a /nixos | |
| parent | 466194482c2a46466a54ddf3c6adf8579ec9c7b1 (diff) | |
| parent | 49a749c7299eac1ee1fc401d376db245cb834a73 (diff) | |
Merge pull request #100554 from dnr/feature/pamMount
nixos/pam_mount: add pamMount attribute to users
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/config/users-groups.nix | 14 | ||||
| -rw-r--r-- | nixos/modules/security/pam_mount.nix | 12 |
2 files changed, 24 insertions, 2 deletions
diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index 1bb1317a8e85..5264d5b56fa5 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -139,6 +139,20 @@ let ''; }; + pamMount = mkOption { + type = with types; attrsOf str; + default = {}; + description = '' + Attributes for user's entry in + <filename>pam_mount.conf.xml</filename>. + Useful attributes might include <code>path</code>, + <code>options</code>, <code>fstype</code>, and <code>server</code>. + See <link + xlink:href="http://pam-mount.sourceforge.net/pam_mount.conf.5.html" /> + for more information. + ''; + }; + shell = mkOption { type = types.either types.shellPackage types.path; default = pkgs.shadow; diff --git a/nixos/modules/security/pam_mount.nix b/nixos/modules/security/pam_mount.nix index 77e22a96b553..89211bfbde48 100644 --- a/nixos/modules/security/pam_mount.nix +++ b/nixos/modules/security/pam_mount.nix @@ -39,8 +39,16 @@ in environment.etc."security/pam_mount.conf.xml" = { source = let - extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null) config.users.users; - userVolumeEntry = user: "<volume user=\"${user.name}\" path=\"${user.cryptHomeLuks}\" mountpoint=\"${user.home}\" />\n"; + extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null || u.pamMount != {}) config.users.users; + mkAttr = k: v: ''${k}="${v}"''; + userVolumeEntry = user: let + attrs = { + user = user.name; + path = user.cryptHomeLuks; + mountpoint = user.home; + } // user.pamMount; + in + "<volume ${concatStringsSep " " (mapAttrsToList mkAttr attrs)} />\n"; in pkgs.writeText "pam_mount.conf.xml" '' <?xml version="1.0" encoding="utf-8" ?> |