ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-09-22 04:57:56 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #86409 from flokli/oslogin-move-nsswitch

Browse Source 
nixos/google-oslogin: Move nsswitch config into the module
This commit is contained in:
Florian Klink 2020-04-30 18:25:40 +02:00 committed by GitHub
commit 9d11b73c33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
nixos/modules/config/nsswitch.nix
View File

@ -15,7 +15,6 @@ let
nsswins = canLoadExternalModules && config.services.samba.nsswins;
ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch);
resolved = canLoadExternalModules && config.services.resolved.enable;
googleOsLogin = canLoadExternalModules && config.security.googleOsLogin.enable;
hostArray = mkMerge [
(mkBefore [ "files" ])
@ -32,7 +31,6 @@ let
(mkBefore [ "files" ])
(mkIf ldap [ "ldap" ])
(mkIf mymachines [ "mymachines" ])
(mkIf googleOsLogin [ "cache_oslogin oslogin" ])
(mkIf canLoadExternalModules (mkAfter [ "systemd" ]))
];
@ -172,7 +170,6 @@ in {
# configured IP addresses, or ::1 and 127.0.0.2 as
# fallbacks. Systemd also provides nss-mymachines to return IP
# addresses of local containers.
system.nssModules = (optionals canLoadExternalModules [ config.systemd.package.out ])
++ optional googleOsLogin pkgs.google-compute-engine-oslogin.out;
system.nssModules = (optionals canLoadExternalModules [ config.systemd.package.out ]);
};
}

1
nixos/modules/security/google_oslogin.nix
View File

@ -49,6 +49,7 @@ in
# enable the nss module, so user lookups etc. work
system.nssModules = [ package ];
system.nssDatabases.passwd = [ "cache_oslogin" "oslogin" ];
# Ugly: sshd refuses to start if a store path is given because /nix/store is group-writable.
# So indirect by a symlink.