mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 21:38:07 -05:00
system: pam: Honor /etc/environment.
* gnu/system/pam.scm (unix-pam-service): Add pam_env module to the session group.
This commit is contained in:
parent
e10964efd2
commit
af9908ff56
1 changed files with 6 additions and 3 deletions
|
@ -128,7 +128,10 @@ (module "pam_deny.so"))))
|
||||||
(define unix-pam-service
|
(define unix-pam-service
|
||||||
(let ((unix (pam-entry
|
(let ((unix (pam-entry
|
||||||
(control "required")
|
(control "required")
|
||||||
(module "pam_unix.so"))))
|
(module "pam_unix.so")))
|
||||||
|
(env (pam-entry ; to honor /etc/environment.
|
||||||
|
(control "required")
|
||||||
|
(module "pam_env.so"))))
|
||||||
(lambda* (name #:key allow-empty-passwords? motd)
|
(lambda* (name #:key allow-empty-passwords? motd)
|
||||||
"Return a standard Unix-style PAM service for NAME. When
|
"Return a standard Unix-style PAM service for NAME. When
|
||||||
ALLOW-EMPTY-PASSWORDS? is true, allow empty passwords. When MOTD is true, it
|
ALLOW-EMPTY-PASSWORDS? is true, allow empty passwords. When MOTD is true, it
|
||||||
|
@ -150,13 +153,13 @@ (module "pam_unix.so")
|
||||||
;; Store SHA-512 encrypted passwords in /etc/shadow.
|
;; Store SHA-512 encrypted passwords in /etc/shadow.
|
||||||
(arguments '("sha512" "shadow")))))
|
(arguments '("sha512" "shadow")))))
|
||||||
(session (if motd
|
(session (if motd
|
||||||
(list unix
|
(list env unix
|
||||||
(pam-entry
|
(pam-entry
|
||||||
(control "optional")
|
(control "optional")
|
||||||
(module "pam_motd.so")
|
(module "pam_motd.so")
|
||||||
(arguments
|
(arguments
|
||||||
(list #~(string-append "motd=" #$motd)))))
|
(list #~(string-append "motd=" #$motd)))))
|
||||||
(list unix))))))))
|
(list env unix))))))))
|
||||||
|
|
||||||
(define (rootok-pam-service command)
|
(define (rootok-pam-service command)
|
||||||
"Return a PAM service for COMMAND such that 'root' does not need to
|
"Return a PAM service for COMMAND such that 'root' does not need to
|
||||||
|
|
Loading…
Reference in a new issue