diff options
-rw-r--r-- | nixos/modules/config/nsswitch.nix | 5 | ||||
-rw-r--r-- | nixos/modules/security/google_oslogin.nix | 1 |
2 files changed, 2 insertions, 4 deletions
diff --git a/nixos/modules/config/nsswitch.nix b/nixos/modules/config/nsswitch.nix index 0acd8900e7b..77e47a350ec 100644 --- a/nixos/modules/config/nsswitch.nix +++ b/nixos/modules/config/nsswitch.nix @@ -15,7 +15,6 @@ let nsswins = canLoadExternalModules && config.services.samba.nsswins; ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch); resolved = canLoadExternalModules && config.services.resolved.enable; - googleOsLogin = canLoadExternalModules && config.security.googleOsLogin.enable; hostArray = mkMerge [ (mkBefore [ "files" ]) @@ -32,7 +31,6 @@ let (mkBefore [ "files" ]) (mkIf ldap [ "ldap" ]) (mkIf mymachines [ "mymachines" ]) - (mkIf googleOsLogin [ "cache_oslogin oslogin" ]) (mkIf canLoadExternalModules (mkAfter [ "systemd" ])) ]; @@ -172,7 +170,6 @@ in { # configured IP addresses, or ::1 and 127.0.0.2 as # fallbacks. Systemd also provides nss-mymachines to return IP # addresses of local containers. - system.nssModules = (optionals canLoadExternalModules [ config.systemd.package.out ]) - ++ optional googleOsLogin pkgs.google-compute-engine-oslogin.out; + system.nssModules = (optionals canLoadExternalModules [ config.systemd.package.out ]); }; } diff --git a/nixos/modules/security/google_oslogin.nix b/nixos/modules/security/google_oslogin.nix index 6f9962e1d62..78c2089baeb 100644 --- a/nixos/modules/security/google_oslogin.nix +++ b/nixos/modules/security/google_oslogin.nix @@ -49,6 +49,7 @@ in # enable the nss module, so user lookups etc. work system.nssModules = [ package ]; + system.nssDatabases.passwd = [ "cache_oslogin" "oslogin" ]; # Ugly: sshd refuses to start if a store path is given because /nix/store is group-writable. # So indirect by a symlink. |