diff options
Diffstat (limited to 'nixos/modules/security/pam.nix')
-rw-r--r-- | nixos/modules/security/pam.nix | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index c74f66d918295..dc145d8585154 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -615,12 +615,12 @@ let optionalString cfg.setLoginUid '' session ${if config.boot.isContainer then "optional" else "required"} pam_loginuid.so '' + - optionalString cfg.ttyAudit.enable '' - session required ${pkgs.pam}/lib/security/pam_tty_audit.so - open_only=${toString cfg.ttyAudit.openOnly} - ${optionalString (cfg.ttyAudit.enablePattern != null) "enable=${cfg.ttyAudit.enablePattern}"} - ${optionalString (cfg.ttyAudit.disablePattern != null) "disable=${cfg.ttyAudit.disablePattern}"} - '' + + optionalString cfg.ttyAudit.enable (concatStringsSep " \\\n " ([ + "session required ${pkgs.pam}/lib/security/pam_tty_audit.so" + ] ++ optional cfg.ttyAudit.openOnly "open_only" + ++ optional (cfg.ttyAudit.enablePattern != null) "enable=${cfg.ttyAudit.enablePattern}" + ++ optional (cfg.ttyAudit.disablePattern != null) "disable=${cfg.ttyAudit.disablePattern}" + )) + optionalString cfg.makeHomeDir '' session required ${pkgs.pam}/lib/security/pam_mkhomedir.so silent skel=${config.security.pam.makeHomeDir.skelDirectory} umask=0077 '' + |