nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

system: pam: Honor /etc/environment. 

* gnu/system/pam.scm (unix-pam-service): Add pam_env module to the session group.
This commit is contained in:
宋文武 2015-12-02 21:28:35 +08:00
parent e10964efd2
commit af9908ff56
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
gnu/system/pam.scm
View File

@ -128,7 +128,10 @@ dumped in /etc/pam.d/NAME, where NAME is the name of SERVICE."
(define unix-pam-service (define unix-pam-service
(let ((unix (pam-entry (let ((unix (pam-entry
(control "required") (control "required")
(module "pam_unix.so")))) (module "pam_unix.so")))
(env (pam-entry ; to honor /etc/environment.
(control "required")
(module "pam_env.so"))))
(lambda* (name #:key allow-empty-passwords? motd) (lambda* (name #:key allow-empty-passwords? motd)
"Return a standard Unix-style PAM service for NAME. When "Return a standard Unix-style PAM service for NAME. When
ALLOW-EMPTY-PASSWORDS? is true, allow empty passwords. When MOTD is true, it ALLOW-EMPTY-PASSWORDS? is true, allow empty passwords. When MOTD is true, it
@ -150,13 +153,13 @@ should be a file-like object used as the message-of-the-day."
;; Store SHA-512 encrypted passwords in /etc/shadow. ;; Store SHA-512 encrypted passwords in /etc/shadow.
(arguments '("sha512" "shadow"))))) (arguments '("sha512" "shadow")))))
(session (if motd (session (if motd
(list unix (list env unix
(pam-entry (pam-entry
(control "optional") (control "optional")
(module "pam_motd.so") (module "pam_motd.so")
(arguments (arguments
(list #~(string-append "motd=" #$motd))))) (list #~(string-append "motd=" #$motd)))))
(list unix)))))))) (list env unix))))))))
(define (rootok-pam-service command) (define (rootok-pam-service command)
"Return a PAM service for COMMAND such that 'root' does not need to "Return a PAM service for COMMAND such that 'root' does not need to