nixpkgs/modules/programs/pwdutils/pwdutils.nix
Lluís Batlle i Rossell 7b14ee9932 Setting the files cipher algorithm depending on the architecture
(with libxcrypt or without libxcrypt, at the end)

svn path=/nixos/trunk/; revision=17389
2009-09-23 20:50:41 +00:00

58 lines
1.6 KiB
Nix

# Configuration for the pwdutils suite of tools: passwd, useradd, etc.
{config, pkgs, ...}:
let
options = {
users.defaultUserShell = pkgs.lib.mkOption {
default = "/var/run/current-system/sw/bin/bash";
description = ''
This option defined the default shell assigned to user
accounts. This must not be a store path, since the path is
used outside the store (in particular in /etc/passwd).
Rather, it should be the path of a symlink that points to the
actual shell in the Nix store.
'';
};
};
in
{
require = [options];
environment.etc =
[ { # /etc/login.defs: global configuration for pwdutils. You
# cannot login without it!
source = ./login.defs;
target = "login.defs";
}
{ # /etc/default/passwd: configuration for passwd and friends
# (e.g., hash algorithm for /etc/passwd).
source = pkgs.substituteAll {
src = ./passwd.conf;
# This depends on pam_unix2 being built with libxcrypt or libc's libcrypt.
# Only in the first case it will understand 'blowfish'. And pam_unix2
# is not built with libxcrypt at the time of writing (it did not build)
filesCipher = if (pkgs.stdenv.system == "armv5tel-linux") then
"des" else "blowfish";
};
target = "default/passwd";
}
{ # /etc/default/useradd: configuration for useradd.
source = pkgs.writeText "useradd"
''
GROUP=100
HOME=/home
SHELL=${config.users.defaultUserShell}
'';
target = "default/useradd";
}
];
}