Commit bcc2d123 authored by nicoo's avatar nicoo

nixos/sudo-rs: Move support for `pam_ssh_agent_auth(8)` to PAM's NixOS module

Similar to delroth's suggestion in #262790.
parent f5d059b1
+8 −5
@@ -943,6 +943,11 @@ let
      value.source = pkgs.writeText "${name}.pam" service.text;
    };

  optionalSudoConfigForSSHAgentAuth = optionalString config.security.pam.enableSSHAgentAuth ''
    # Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
    Defaults env_keep+=SSH_AUTH_SOCK
  '';

in

{
@@ -1532,9 +1537,7 @@ in
        concatLines
      ]);

    security.sudo.extraConfig = optionalString config.security.pam.enableSSHAgentAuth ''
      # Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
      Defaults env_keep+=SSH_AUTH_SOCK
    '';
    security.sudo.extraConfig = optionalSudoConfigForSSHAgentAuth;
    security.sudo-rs.extraConfig = optionalSudoConfigForSSHAgentAuth;
  };
}
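Review bot: The comment on `optionalSudoConfigForSSHAgentAuth` ("can do its magic") does not say what the sudoers line changes, and it is worth spelling out now that the snippet is the single source for both `security.sudo.extraConfig` and `security.sudo-rs.extraConfig`. `Defaults env_keep+=SSH_AUTH_SOCK` is a global default, so the variable is preserved for every command run through either implementation, not only for the PAM conversation. I would replace the comment with something like `# Preserve SSH_AUTH_SOCK so pam_ssh_agent_auth can reach the invoking user's agent; this is a global default, so the variable is also passed on to the command being run.` Both assignments take effect whenever `security.pam.enableSSHAgentAuth` is set; whether the sudo PAM service itself has agent auth enabled is not visible in these hunks, so it may be worth confirming the condition is as narrow as intended. The `let` block and the config attribute set both continue outside the hunks.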
+0 −4
@@ -220,10 +220,6 @@ in
        # Don't edit this file. Set the NixOS options ‘security.sudo-rs.configFile’
        # or ‘security.sudo-rs.extraRules’ instead.
      ''
      (optionalString enableSSHAgentAuth ''
        # Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
        Defaults env_keep+=SSH_AUTH_SOCK
      '')
      (pipe cfg.extraRules [
        (filter (rule: length rule.commands != 0))
        (map (rule: [