JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Enable the `chfn' program. Note that by default non-root users are

Browse Source 
still not permitted to change their account information, as
  specified in login.defs.

svn path=/nixos/trunk/; revision=22049
This commit is contained in:
Eelco Dolstra 2010-05-28 14:59:34 +00:00
parent 39ea835dbc
commit 540c673364
3 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/programs/pwdutils/login.defs
View File

@ -12,3 +12,7 @@ GID_MAX 29999
TTYGROUP tty TTYGROUP tty
TTYPERM 0620 TTYPERM 0620
# Uncomment this to allow non-root users to change their account
#information. This should be made configurable.
#CHFN_RESTRICT frwh

1
modules/security/pam.nix
View File

@ -204,6 +204,7 @@ in
{ name = "sshd"; } { name = "sshd"; }
{ name = "xlock"; } { name = "xlock"; }
{ name = "chsh"; rootOK = true; } { name = "chsh"; rootOK = true; }
{ name = "chfn"; rootOK = true; }
{ name = "su"; rootOK = true; forwardXAuth = true; } { name = "su"; rootOK = true; forwardXAuth = true; }
# Note: useradd, groupadd etc. aren't setuid root, so it # Note: useradd, groupadd etc. aren't setuid root, so it
# doesn't really matter what the PAM config says as long as it # doesn't really matter what the PAM config says as long as it

2
modules/security/setuid-wrappers.nix
View File

@ -74,7 +74,7 @@ in
config = { config = {
security.setuidPrograms = security.setuidPrograms =
[ "passwd" "su" "crontab" "ping" "ping6" [ "passwd" "chfn" "su" "crontab" "ping" "ping6"
"fusermount" "wodim" "cdrdao" "growisofs" "fusermount" "wodim" "cdrdao" "growisofs"
]; ];