diff options
author | Eduard Bachmakov <eduarrrd@users.noreply.github.com> | 2023-02-21 22:48:03 +0100 |
---|---|---|
committer | Eduard Bachmakov <eduarrrd@users.noreply.github.com> | 2023-02-21 22:48:09 +0100 |
commit | 45a6488f9c18c57e05c248a3cd5722be114e9952 (patch) | |
tree | e2273410df4fd00094f37210c660f56fb3818909 /nixos | |
parent | 2ca5a88f8e7396b022ae7345f6a2592cb0301187 (diff) |
nixos/sddm + nixos/plasma5: switch PAM service to `login`.
GDM and LightDM are already using this approach. It also allows us to enable Kwallet integration more globally without generating stray PAM services. The default configuration of login service includes both options sddm was setting explicitly.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/x11/desktop-managers/plasma5.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/x11/display-managers/sddm.nix | 10 |
2 files changed, 7 insertions, 5 deletions
diff --git a/nixos/modules/services/x11/desktop-managers/plasma5.nix b/nixos/modules/services/x11/desktop-managers/plasma5.nix index 9a26681d1f927..73322696aeac6 100644 --- a/nixos/modules/services/x11/desktop-managers/plasma5.nix +++ b/nixos/modules/services/x11/desktop-managers/plasma5.nix @@ -379,7 +379,7 @@ in security.pam.services.kde = { allowNullPassword = true; }; - security.pam.services.sddm.enableKwallet = true; + security.pam.services.login.enableKwallet = true; systemd.user.services = { plasma-early-setup = mkIf cfg.runUsingSystemd { diff --git a/nixos/modules/services/x11/display-managers/sddm.nix b/nixos/modules/services/x11/display-managers/sddm.nix index a3f03d7a19a6b..0ddeac0f10984 100644 --- a/nixos/modules/services/x11/display-managers/sddm.nix +++ b/nixos/modules/services/x11/display-managers/sddm.nix @@ -215,10 +215,12 @@ in }; security.pam.services = { - sddm = { - allowNullPassword = true; - startSession = true; - }; + sddm.text = '' + auth substack login + account include login + password substack login + session include login + ''; sddm-greeter.text = '' auth required pam_succeed_if.so audit quiet_success user = sddm |