Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

nixos/pam: refactor U2F, docs about u2f_keys path #54756

Merged
merged 1 commit into from Jan 29, 2019

Conversation

kalbasit
Copy link
Member

@kalbasit kalbasit commented Jan 28, 2019

Motivation for this change
  • change enableU2F option to u2f.* set
  • add few u2f options (not all) to customize pam-u2f module
  • document default u2f_keys locations
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Assured whether relevant documentation is up to date
  • Fits CONTRIBUTING.md.

Replaces #40455 and #11886.

@kalbasit
Copy link
Member Author

@GrahamcOfBorg test pam-u2f

@kalbasit
Copy link
Member Author

@GrahamcOfBorg test pam-u2f

kalbasit added a commit to kalbasit/shabka that referenced this pull request Jan 28, 2019
This change patches nixpkgs stable with NixOS/nixpkgs#54756 and enables `u2f.cue`.
@kalbasit
Copy link
Member Author

@spinus this PR is heavily based on your submission #11886. Please let me know if there's anything else you would like to add.
@infinisil I've been using this PR for a few days now, and I have not had any issues, Do you have some time for a review? I will wait at least another week before merging to get a chance for more testing.

nixos/modules/security/pam.nix Outdated Show resolved Hide resolved
nixos/modules/security/pam.nix Outdated Show resolved Hide resolved
nixos/modules/security/pam.nix Outdated Show resolved Hide resolved
nixos/modules/security/pam.nix Outdated Show resolved Hide resolved
@kalbasit
Copy link
Member Author

@infinisil I've updated the PR and addressed all of your comments, PTAL.

nixos/modules/security/pam.nix Outdated Show resolved Hide resolved
nixos/modules/security/pam.nix Outdated Show resolved Hide resolved
nixos/modules/security/pam.nix Outdated Show resolved Hide resolved
@kalbasit
Copy link
Member Author

@infinisil PTAL.

@infinisil
Copy link
Member

Commit message should be changed to have the nixos/...: prefix. Feel free to merge this after that :)

* change enableU2F option to u2f.* set
* add few u2f options (not all) to customize pam-u2f module
* document default u2f_keys locations

Co-authored-by: Tomasz Czyż <tomasz.czyz@gmail.com>
Co-authored-by: Arda Xi <arda@ardaxi.com>
@kalbasit kalbasit changed the title pam-u2f: refactor, docs about u2f_keys path nixos/pam: refactor U2F, docs about u2f_keys path Jan 29, 2019
@kalbasit kalbasit merged commit f072cfe into NixOS:master Jan 29, 2019
@kalbasit kalbasit deleted the nixpkgs_improve-u2f-support branch January 29, 2019 16:45
@spinus
Copy link
Member

spinus commented Jan 30, 2019

@kalbasit thank you for pushing that forward!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants