summaryrefslogtreecommitdiffstats
path: root/lass/3modules/usershadow.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2017-01-25 23:23:29 +0100
committermakefu <github@syntax-fehler.de>2017-01-25 23:23:29 +0100
commitbf405736962fd20df738f84665e5fc7f8d74e72d (patch)
treeae01054fe88089d6476b3c1b1952066fd6c79092 /lass/3modules/usershadow.nix
parent7e1bd2729e11e5c63749c69093359de0bb3329b2 (diff)
parent89c5b22129d3cb875d16a3171a4e3ab3bee9cb0a (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/3modules/usershadow.nix')
-rw-r--r--lass/3modules/usershadow.nix7
1 files changed, 5 insertions, 2 deletions
diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix
index c0be053ab..fc9e63e31 100644
--- a/lass/3modules/usershadow.nix
+++ b/lass/3modules/usershadow.nix
@@ -22,10 +22,13 @@
environment.systemPackages = [ usershadow ];
lass.usershadow.path = "${usershadow}";
security.pam.services.sshd.text = ''
- auth required pam_exec.so expose_authtok ${usershadow}/bin/verify_pam ${cfg.pattern}
- auth required pam_permit.so
account required pam_permit.so
+ auth required pam_env.so envfile=${config.system.build.pamEnvironment}
+ auth sufficient pam_exec.so quiet expose_authtok ${usershadow}/bin/verify_pam ${cfg.pattern}
+ auth sufficient pam_unix.so likeauth try_first_pass
+ session required pam_env.so envfile=${config.system.build.pamEnvironment}
session required pam_permit.so
+ session required pam_loginuid.so
'';
security.pam.services.dovecot2.text = ''