nixos/modules/security/pam_usb.nix at 18.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / security / pam_usb.nix

at 18.09-beta 888 B view raw

 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6
 7  cfg = config.security.pam.usb;
 8
 9  anyUsbAuth = any (attrByPath ["usbAuth"] false) (attrValues config.security.pam.services);
10
11in
12
13{
14  options = {
15
16    security.pam.usb = {
17      enable = mkOption {
18        type = types.bool;
19        default = false;
20        description = ''
21          Enable USB login for all login systems that support it.  For
22          more information, visit <link
23          xlink:href="https://github.com/aluzzardi/pam_usb/wiki/Getting-Started#setting-up-devices-and-users" />.
24        '';
25      };
26
27    };
28
29  };
30
31  config = mkIf (cfg.enable || anyUsbAuth) {
32
33    # Make sure pmount and pumount are setuid wrapped.
34    security.wrappers = {
35      pmount.source = "${pkgs.pmount.out}/bin/pmount";
36      pumount.source = "${pkgs.pmount.out}/bin/pumount";
37    };
38
39    environment.systemPackages = [ pkgs.pmount ];
40
41  };
42}