Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 986ff168c7da
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 5a0e9e63c71b
Choose a head ref
  • 2 commits
  • 1 file changed
  • 1 contributor

Commits on Jun 4, 2020

  1. nixos/pam: mount encrypted home earlier 

    This patch was done by curro:

The generated /etc/pam.d/* service files invoke the pam_systemd.so
session module before pam_mount.so, if both are enabled (e.g. via
security.pam.services.foo.startSession and
security.pam.services.foo.pamMount respectively).

This doesn't work in the most common scenario where the user's home
directory is stored in a pam-mounted encrypted volume (because systemd
will fail to access the user's systemd configuration).
    @peterhoeg
    peterhoeg committed Jun 4, 2020

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    66e040e View commit details

Commits on Jun 10, 2020

  1. Merge pull request #89457 from NixOS/f/pam_ordering 

    nixos/pam: mount encrypted home earlier
    @peterhoeg
    peterhoeg authored Jun 10, 2020

    Unverified

    This user has not yet uploaded their public signing key.
    GPG key ID: A0E01EF44C27BF00
    Learn about vigilant mode
    Copy the full SHA
    5a0e9e6 View commit details
Showing with 2 additions and 2 deletions.
  1. +2 −2 nixos/modules/security/pam.nix
4 changes: 2 additions & 2 deletions nixos/modules/security/pam.nix
View file
Original file line number Diff line number Diff line change
@@ -436,6 +436,8 @@ let
"session required ${pkgs.pam}/lib/security/pam_lastlog.so silent"}
${optionalString config.security.pam.enableEcryptfs
"session optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so"}
${optionalString cfg.pamMount
"session optional ${pkgs.pam_mount}/lib/security/pam_mount.so"}
${optionalString use_ldap
"session optional ${pam_ldap}/lib/security/pam_ldap.so"}
${optionalString config.services.sssd.enable
@@ -452,8 +454,6 @@ let
"session required ${pkgs.pam}/lib/security/pam_limits.so conf=${makeLimitsConf cfg.limits}"}
${optionalString (cfg.showMotd && config.users.motd != null)
"session optional ${pkgs.pam}/lib/security/pam_motd.so motd=${motd}"}
${optionalString cfg.pamMount
"session optional ${pkgs.pam_mount}/lib/security/pam_mount.so"}
${optionalString (cfg.enableAppArmor && config.security.apparmor.enable)
"session optional ${pkgs.apparmor-pam}/lib/security/pam_apparmor.so order=user,group,default debug"}
${optionalString (cfg.enableKwallet)