summary refs log tree commit diff
diff options
context:
space:
mode:
authorDoron Behar <doron.behar@gmail.com>2020-10-04 11:29:56 +0300
committerGitHub <noreply@github.com>2020-10-04 11:29:56 +0300
commit9544c6078e12aacaf17abc9a13e740658b17e747 (patch)
treee04bfeeb38d69c9147c55677a022edf08a81eafa
parentc12b9cd9c816d4345a693b11ff52ae7753684488 (diff)
parent8cd4d59a329c147a832b5aabd1484d2f31a1621e (diff)
downloadnixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar
nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.gz
nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.bz2
nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.lz
nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.xz
nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.tar.zst
nixpkgs-9544c6078e12aacaf17abc9a13e740658b17e747.zip
Merge pull request #96672 from doronbehar/module/samba
nixos/samba: remove upstream deprecated syncPasswordsByPam option
Diffstat
-rw-r--r--nixos/modules/security/pam.nix2
-rw-r--r--nixos/modules/services/network-filesystems/samba.nix14
2 files changed, 1 insertions, 15 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix
index 5cdb1b54524..489f2a916f0 100644
--- a/nixos/modules/security/pam.nix
+++ b/nixos/modules/security/pam.nix
@@ -429,8 +429,6 @@ let
               "password sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_authtok"}
           ${optionalString config.krb5.enable
               "password sufficient ${pam_krb5}/lib/security/pam_krb5.so use_first_pass"}
-          ${optionalString config.services.samba.syncPasswordsByPam
-              "password optional ${pkgs.samba}/lib/security/pam_smbpass.so nullok use_authtok try_first_pass"}
           ${optionalString cfg.enableGnomeKeyring
               "password optional ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so use_authtok"}
 
diff --git a/nixos/modules/services/network-filesystems/samba.nix b/nixos/modules/services/network-filesystems/samba.nix
index 7d3c601d6cd..d6e2904b3c3 100644
--- a/nixos/modules/services/network-filesystems/samba.nix
+++ b/nixos/modules/services/network-filesystems/samba.nix
@@ -26,7 +26,6 @@ let
       [global]
       security = ${cfg.securityType}
       passwd program = /run/wrappers/bin/passwd %u
-      pam password change = ${smbToString cfg.syncPasswordsByPam}
       invalid users = ${smbToString cfg.invalidUsers}
 
       ${cfg.extraConfig}
@@ -67,6 +66,7 @@ in
 {
   imports = [
     (mkRemovedOptionModule [ "services" "samba" "defaultShare" ] "")
+    (mkRemovedOptionModule [ "services" "samba" "syncPasswordsByPam" ] "This option has been removed by upstream, see https://bugzilla.samba.org/show_bug.cgi?id=10669#c10")
   ];
 
   ###### interface
@@ -124,18 +124,6 @@ in
         '';
       };
 
-      syncPasswordsByPam = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Enabling this will add a line directly after pam_unix.so.
-          Whenever a password is changed the samba password will be updated as well.
-          However, you still have to add the samba password once, using smbpasswd -a user.
-          If you don't want to maintain an extra password database, you still can send plain text
-          passwords which is not secure.
-        '';
-      };
-
       invalidUsers = mkOption {
         type = types.listOf types.str;
         default = [ "root" ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-20 23:49:16 +0000