about summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2016-09-05 15:38:42 +0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2016-09-05 15:38:42 +0200
commitf3c32cb2c1344c9a831bb9e4f47c1b20527dbe0b (patch)
tree3acc20e0aa7bc5a475fa0a005b82fd180d2fc0ec /nixos
parente8315cb1caac6343322b5bab822f3cd227ae287b (diff)
Let services.openssh.forwardX11 imply programs.ssh.setXAuthLocation
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/programs/ssh.nix4


-rw-r--r--nixos/modules/services/networking/ssh/sshd.nix2


2 files changed, 5 insertions, 1 deletions
diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix
index cc835081c9f95..b6fd9868f98f2 100644
--- a/nixos/modules/programs/ssh.nix
+++ b/nixos/modules/programs/ssh.nix
@@ -56,7 +56,6 @@ in
 
       setXAuthLocation = mkOption {
         type = types.bool;
-        default = config.services.xserver.enable;
         description = ''
           Whether to set the path to <command>xauth</command> for X11-forwarded connections.
           This causes a dependency on X11 packages.
@@ -165,6 +164,9 @@ in
 
   config = {
 
+    programs.ssh.setXAuthLocation =
+      mkDefault (config.services.xserver.enable || config.programs.ssh.forwardX11);
+
     assertions =
       [ { assertion = cfg.forwardX11 -> cfg.setXAuthLocation;
           message = "cannot enable X11 forwarding without setting XAuth location";
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix
index f900ef494abf7..ef186a20f9327 100644
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@@ -227,6 +227,8 @@ in
 
   config = mkIf cfg.enable {
 
+    programs.ssh.setXAuthLocation = mkForce cfg.forwardX11;
+
     users.extraUsers.sshd =
       { isSystemUser = true;
         description = "SSH privilege separation user";

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-14 04:41:03 +0000