Unverified Commit 74098fff authored by github-actions[bot] Committed by GitHub

Merge master into staging-next

parents 8cb642cb 0302e478
+6 −0
@@ -15775,6 +15775,12 @@
    githubId = 1891350;
    name = "Michael Raskin";
  };
  raspher = {
    email = "raspher@protonmail.com";
    github = "raspher";
    githubId = 23345803;
    name = "Szymon Scholz";
  };
  ratcornu = {
    email = "ratcornu@skaven.org";
    github = "RatCornu";
+0 −1
@@ -317,7 +317,6 @@
  ./security/oath.nix
  ./security/pam.nix
  ./security/pam_mount.nix
  ./security/pam_usb.nix
  ./security/please.nix
  ./security/polkit.nix
  ./security/rngd.nix
+0 −12
@@ -205,17 +205,6 @@ let
        };
      };

      usbAuth = mkOption {
        default = config.security.pam.usb.enable;
        defaultText = literalExpression "config.security.pam.usb.enable";
        type = types.bool;
        description = lib.mdDoc ''
          If set, users listed in
          {file}`/etc/pamusb.conf` are able to log in
          with the associated USB key.
        '';
      };

      otpwAuth = mkOption {
        default = config.security.pam.enableOTPW;
        defaultText = literalExpression "config.security.pam.enableOTPW";
@@ -665,7 +654,6 @@ let
            authfile = u2f.authFile;
            appid = u2f.appId;
          }; })
          { name = "usb"; enable = cfg.usbAuth; control = "sufficient"; modulePath = "${pkgs.pam_usb}/lib/security/pam_usb.so"; }
          (let ussh = config.security.pam.ussh; in { name = "ussh"; enable = config.security.pam.ussh.enable && cfg.usshAuth; control = ussh.control; modulePath = "${pkgs.pam_ussh}/lib/security/pam_ussh.so"; settings = {
            ca_file = ussh.caFile;
            authorized_principals = ussh.authorizedPrincipals;
+0 −51
{ config, lib, pkgs, ... }:

with lib;

let

  cfg = config.security.pam.usb;

  anyUsbAuth = any (attrByPath ["usbAuth"] false) (attrValues config.security.pam.services);

in

{
  options = {

    security.pam.usb = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = lib.mdDoc ''
          Enable USB login for all login systems that support it.  For
          more information, visit <https://github.com/aluzzardi/pam_usb/wiki/Getting-Started#setting-up-devices-and-users>.
        '';
      };

    };

  };

  config = mkIf (cfg.enable || anyUsbAuth) {

    # Make sure pmount and pumount are setuid wrapped.
    security.wrappers = {
      pmount =
        { setuid = true;
          owner = "root";
          group = "root";
          source = "${pkgs.pmount.out}/bin/pmount";
        };
      pumount =
        { setuid = true;
          owner = "root";
          group = "root";
          source = "${pkgs.pmount.out}/bin/pumount";
        };
    };

    environment.systemPackages = [ pkgs.pmount ];

  };
}
+2 −2
@@ -167,8 +167,8 @@ rec {
  mkTerraform = attrs: pluggable (generic attrs);

  terraform_1 = mkTerraform {
    version = "1.7.2";
    hash = "sha256-jTzZWmYeKF87Er2i7XHquM8oQyF4q/qoBf4DdMqv7L8=";
    version = "1.7.3";
    hash = "sha256-/NnpmZLCEoSwJYsHmMxQ8HRxzsyCm91oc6T+mcsaNv0=";
    vendorHash = "sha256-DI4YTjdFFvfby8ExEY3KoK4J9YKK5LPpMbelzFMDVVs=";
    patches = [ ./provider-path-0_15.patch ];
    passthru = {