l usershadow: add setuid wrapper for check_pw
This commit is contained in:
parent
d03c70bb86
commit
ec4b7f30f5
@ -31,8 +31,9 @@
|
||||
session required pam_loginuid.so
|
||||
'';
|
||||
|
||||
security.pam.services.dovecot2.text = ''
|
||||
auth required pam_exec.so expose_authtok ${usershadow}/bin/verify_pam ${cfg.pattern}
|
||||
security.pam.services.dovecot2 = {
|
||||
text = ''
|
||||
auth required pam_exec.so debug expose_authtok log=/tmp/lol /run/wrappers/bin/shadow_verify_pam ${cfg.pattern}
|
||||
auth required pam_permit.so
|
||||
account required pam_permit.so
|
||||
session required pam_permit.so
|
||||
@ -40,6 +41,12 @@
|
||||
'';
|
||||
};
|
||||
|
||||
security.wrappers.shadow_verify_pam = {
|
||||
source = "${usershadow}/bin/verify_pam";
|
||||
owner = "root";
|
||||
};
|
||||
};
|
||||
|
||||
usershadow = let {
|
||||
deps = [
|
||||
"pwstore-fast"
|
||||
|
Loading…
Reference in New Issue
Block a user