l usershadow: add setuid wrapper for check_pw
This commit is contained in:
parent
d03c70bb86
commit
ec4b7f30f5
|
@ -31,8 +31,9 @@
|
||||||
session required pam_loginuid.so
|
session required pam_loginuid.so
|
||||||
'';
|
'';
|
||||||
|
|
||||||
security.pam.services.dovecot2.text = ''
|
security.pam.services.dovecot2 = {
|
||||||
auth required pam_exec.so expose_authtok ${usershadow}/bin/verify_pam ${cfg.pattern}
|
text = ''
|
||||||
|
auth required pam_exec.so debug expose_authtok log=/tmp/lol /run/wrappers/bin/shadow_verify_pam ${cfg.pattern}
|
||||||
auth required pam_permit.so
|
auth required pam_permit.so
|
||||||
account required pam_permit.so
|
account required pam_permit.so
|
||||||
session required pam_permit.so
|
session required pam_permit.so
|
||||||
|
@ -40,6 +41,12 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
security.wrappers.shadow_verify_pam = {
|
||||||
|
source = "${usershadow}/bin/verify_pam";
|
||||||
|
owner = "root";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
usershadow = let {
|
usershadow = let {
|
||||||
deps = [
|
deps = [
|
||||||
"pwstore-fast"
|
"pwstore-fast"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user