jetomit/monguix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

services/sssd: modernize

Browse source
This commit is contained in:
Timotej Lazar 2023-05-20 14:55:59 +02:00
parent 157bdcf19f
commit 0563f84c7b
1 changed files with 12 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

18
services/sssd.scm
View file

@ -83,30 +83,34 @@
;;; ;;;
(define (pam-sss-pam-service config) (define (pam-sss-pam-service config)
(let ((module #~(string-append #$(pam-sss-configuration-sssd config) "Return a PAM service for SSSD authentication."
"/lib/security/pam_sss.so")))
(list (list
(pam-extension
(transformer
(lambda (pam) (lambda (pam)
(define pam-sss-module
#~(string-append #$(pam-sss-configuration-sssd config)
"/lib/security/pam_sss.so"))
(pam-service (pam-service
(inherit pam) (inherit pam)
(auth (cons* (pam-entry (auth (cons* (pam-entry
(control "sufficient") (control "sufficient")
(module module)) (module pam-sss-module))
;(arguments (list "use_first_pass"))) ;(arguments (list "use_first_pass")))
(pam-service-auth pam))) (pam-service-auth pam)))
(account (cons* (pam-entry (account (cons* (pam-entry
(control "[default=bad success=ok user_unknown=ignore]") (control "[default=bad success=ok user_unknown=ignore]")
(module module)) (module pam-sss-module))
(pam-service-account pam))) (pam-service-account pam)))
(password (cons* (pam-entry (password (cons* (pam-entry
(control "sufficient") (control "sufficient")
(module module)) (module pam-sss-module))
;(arguments (list "use_authtok"))) ;(arguments (list "use_authtok")))
(pam-service-password pam))) (pam-service-password pam)))
(session (cons* (pam-entry (session (cons* (pam-entry
(control "optional") (control "optional")
(module module)) (module pam-sss-module))
(pam-service-session pam)))))))) (pam-service-session pam)))))))))
(define pam-sss-service-type (define pam-sss-service-type
(service-type (service-type