nixos/modules/security/pam_usb.nix at 17.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / security / pam_usb.nix

at 17.09-beta 872 B view raw

 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6
 7  inherit (pkgs) pam_usb;
 8
 9  cfg = config.security.pam.usb;
10
11  anyUsbAuth = any (attrByPath ["usbAuth"] false) (attrValues config.security.pam.services);
12
13in
14
15{
16  options = {
17
18    security.pam.usb = {
19      enable = mkOption {
20        type = types.bool;
21        default = false;
22        description = ''
23          Enable USB login for all login systems that support it.  For
24          more information, visit <link
25          xlink:href="http://pamusb.org/doc/quickstart#setting_up" />.
26        '';
27      };
28
29    };
30
31  };
32
33  config = mkIf (cfg.enable || anyUsbAuth) {
34
35    # Make sure pmount and pumount are setuid wrapped.
36    security.wrappers = {
37      pmount.source = "${pkgs.pmount.out}/bin/pmount";
38      pumount.source = "${pkgs.pmount.out}/bin/pumount";
39    };
40
41    environment.systemPackages = [ pkgs.pmount ];
42
43  };
44}