nixos/pam: add zfs.mountRecursively option (76f5b40d) · Commits · nix / nixpkgs

nixos/modules/security/pam.nix

+11 −0

Original line number	Diff line number	Diff line
		@@ -994,6 +994,7 @@ let
		modulePath = "${config.boot.zfs.package}/lib/security/pam_zfs_key.so";
		settings = {
		inherit (config.security.pam.zfs) homes;
		mount_recursively = config.security.pam.zfs.mountRecursively;
		};
		}
		{
		@@ -1183,6 +1184,7 @@ let
		modulePath = "${config.boot.zfs.package}/lib/security/pam_zfs_key.so";
		settings = {
		inherit (config.security.pam.zfs) homes;
		mount_recursively = config.security.pam.zfs.mountRecursively;
		};
		}
		{
		@@ -1343,6 +1345,7 @@ let
		settings = {
		inherit (config.security.pam.zfs) homes;
		nounmount = config.security.pam.zfs.noUnmount;
		mount_recursively = config.security.pam.zfs.mountRecursively;
		};
		}
		{
		@@ -2176,6 +2179,14 @@ in
		Do not unmount home dataset on logout.
		'';
		};

		mountRecursively = lib.mkOption {
		default = false;
		type = lib.types.bool;
		description = ''
		Mount child datasets of home dataset.
		'';
		};
		};

		security.pam.enableEcryptfs = lib.mkEnableOption "eCryptfs PAM module (mounting ecryptfs home directory on login)";