diff options
Diffstat (limited to 'pkgs/tools/networking/openssh/common.nix')
-rw-r--r-- | pkgs/tools/networking/openssh/common.nix | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/pkgs/tools/networking/openssh/common.nix b/pkgs/tools/networking/openssh/common.nix index 5c7b3ecb1d355..7196ceeebaadf 100644 --- a/pkgs/tools/networking/openssh/common.nix +++ b/pkgs/tools/networking/openssh/common.nix @@ -22,7 +22,7 @@ , pam , libredirect , etcDir ? null -, withKerberos ? true +, withKerberos ? false , withLdns ? true , libkrb5 , libfido2 @@ -33,6 +33,7 @@ , withPAM ? stdenv.hostPlatform.isLinux , dsaKeysSupport ? false , linkOpenssl ? true +, isNixos ? stdenv.hostPlatform.isLinux }: stdenv.mkDerivation { @@ -77,6 +78,12 @@ stdenv.mkDerivation { unset LD ''; + env = lib.optionalAttrs isNixos { + # openssh calls passwd to allow the user to reset an expired password, but nixos + # doesn't ship it at /usr/bin/passwd. + PATH_PASSWD_PROG = "/run/wrappers/bin/passwd"; + }; + # I set --disable-strip because later we strip anyway. And it fails to strip # properly when cross building. configureFlags = [ @@ -170,13 +177,16 @@ stdenv.mkDerivation { "sysconfdir=\${out}/etc/ssh" ]; - passthru.tests = { - borgbackup-integration = nixosTests.borgbackup; - openssh = nixosTests.openssh; + passthru = { + inherit withKerberos; + tests = { + borgbackup-integration = nixosTests.borgbackup; + openssh = nixosTests.openssh; + }; }; meta = with lib; { - description = "An implementation of the SSH protocol${extraDesc}"; + description = "Implementation of the SSH protocol${extraDesc}"; homepage = "https://www.openssh.com/"; changelog = "https://www.openssh.com/releasenotes.html"; license = licenses.bsd2; |