diff options
author | Doron Behar <doron.behar@gmail.com> | 2020-10-04 11:29:56 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-04 11:29:56 +0300 |
commit | 9544c6078e12aacaf17abc9a13e740658b17e747 (patch) | |
tree | e04bfeeb38d69c9147c55677a022edf08a81eafa | |
parent | c12b9cd9c816d4345a693b11ff52ae7753684488 (diff) | |
parent | 8cd4d59a329c147a832b5aabd1484d2f31a1621e (diff) | |
download | nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.gz nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.bz2 nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.lz nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.xz nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.zst nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.zip |
Merge pull request #96672 from doronbehar/module/samba
nixos/samba: remove upstream deprecated syncPasswordsByPam option
-rw-r--r-- | nixos/modules/security/pam.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/network-filesystems/samba.nix | 14 |
2 files changed, 1 insertions, 15 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index 5cdb1b54524..489f2a916f0 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -429,8 +429,6 @@ let "password sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_authtok"} ${optionalString config.krb5.enable "password sufficient ${pam_krb5}/lib/security/pam_krb5.so use_first_pass"} - ${optionalString config.services.samba.syncPasswordsByPam - "password optional ${pkgs.samba}/lib/security/pam_smbpass.so nullok use_authtok try_first_pass"} ${optionalString cfg.enableGnomeKeyring "password optional ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so use_authtok"} diff --git a/nixos/modules/services/network-filesystems/samba.nix b/nixos/modules/services/network-filesystems/samba.nix index 7d3c601d6cd..d6e2904b3c3 100644 --- a/nixos/modules/services/network-filesystems/samba.nix +++ b/nixos/modules/services/network-filesystems/samba.nix @@ -26,7 +26,6 @@ let [global] security = ${cfg.securityType} passwd program = /run/wrappers/bin/passwd %u - pam password change = ${smbToString cfg.syncPasswordsByPam} invalid users = ${smbToString cfg.invalidUsers} ${cfg.extraConfig} @@ -67,6 +66,7 @@ in { imports = [ (mkRemovedOptionModule [ "services" "samba" "defaultShare" ] "") + (mkRemovedOptionModule [ "services" "samba" "syncPasswordsByPam" ] "This option has been removed by upstream, see https://bugzilla.samba.org/show_bug.cgi?id=10669#c10") ]; ###### interface @@ -124,18 +124,6 @@ in ''; }; - syncPasswordsByPam = mkOption { - type = types.bool; - default = false; - description = '' - Enabling this will add a line directly after pam_unix.so. - Whenever a password is changed the samba password will be updated as well. - However, you still have to add the samba password once, using smbpasswd -a user. - If you don't want to maintain an extra password database, you still can send plain text - passwords which is not secure. - ''; - }; - invalidUsers = mkOption { type = types.listOf types.str; default = [ "root" ]; |