Unverified Commit f93d86f6 authored by Michele Guerini Rocco's avatar Michele Guerini Rocco Committed by GitHub
Browse files

nixos/getty: add option to autologin once per boot, take 2 (#348236)

parents 07bbb086 565f972d

nixos/doc/manual/release-notes/rl-2411.section.md

+3 −0
Original line number Diff line number Diff line
@@ -710,6 +710,9 @@ 


- Mikutter was removed because the package was broken and had no maintainers.



- The new option `services.getty.autologinOnce` was added to limit the automatic login to once per boot and on the first tty only.

  When using full disk encryption, this option allows to unlock the system without retyping the passphrase while keeping the other ttys protected.



- Gollum was upgraded to major version 6. Read their [migration notes](https://github.com/gollum/gollum/wiki/6.0-Release-Notes).



- The hooks `yarnConfigHook` and `yarnBuildHook` were added. These should replace `yarn2nix.mkYarnPackage` and other `yarn2nix` related tools. The motivation to get rid of `yarn2nix` tools is the fact that they are too complex and hard to maintain, and they rely upon too much Nix evaluation which is problematic if import-from-derivation is not allowed (see more details at [#296856](https://github.com/NixOS/nixpkgs/issues/296856). The transition from `mkYarnPackage` to `yarn{Config,Build}Hook` is tracked at [#324246](https://github.com/NixOS/nixpkgs/issues/324246).

nixos/modules/services/ttys/getty.nix

+28 −4
Original line number Diff line number Diff line
@@ -7,14 +7,26 @@ let 


  baseArgs = [

    "--login-program" "${cfg.loginProgram}"

  ] ++ optionals (cfg.autologinUser != null) [

  ] ++ optionals (cfg.autologinUser != null && !cfg.autologinOnce) [

    "--autologin" cfg.autologinUser

  ] ++ optionals (cfg.loginOptions != null) [

    "--login-options" cfg.loginOptions

  ] ++ cfg.extraArgs;



  gettyCmd = args:

    "@${pkgs.util-linux}/sbin/agetty agetty ${escapeShellArgs baseArgs} ${args}";

    "${lib.getExe' pkgs.util-linux "agetty"} ${escapeShellArgs baseArgs} ${args}";



  autologinScript = ''

    otherArgs="--noclear --keep-baud $TTY 115200,38400,9600 $TERM";

    ${lib.optionalString cfg.autologinOnce ''

      autologged="/run/agetty.autologged"

      if test "$TTY" = tty1 && ! test -f "$autologged"; then

        touch "$autologged"

        exec ${gettyCmd "$otherArgs --autologin ${cfg.autologinUser}"}

      fi

    ''}

    exec ${gettyCmd "$otherArgs"}

  '';



in
@@ -40,6 +52,16 @@ in 
        '';

      };



      autologinOnce = mkOption {

        type = types.bool;

        default = false;

        description = ''

          If enabled the automatic login will only happen in the first tty

          once per boot. This can be useful to avoid retyping the account

          password on systems with full disk encrypted.

        '';

      };



      loginProgram = mkOption {

        type = types.path;

        default = "${pkgs.shadow}/bin/login";
@@ -106,9 +128,11 @@ in 


    systemd.services."getty@" =

      { serviceConfig.ExecStart = [

          "" # override upstream default with an empty ExecStart

          (gettyCmd "--noclear --keep-baud %I 115200,38400,9600 $TERM")

          # override upstream default with an empty ExecStart

          ""

          (pkgs.writers.writeDash "getty" autologinScript)

        ];

        environment.TTY = "%I";

        restartIfChanged = false;

      };