alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Pull requests Activity

Let services.openssh.forwardX11 imply programs.ssh.setXAuthLocation

Browse source
This commit is contained in:
Eelco Dolstra 2016-09-05 15:38:42 +02:00
parent e8315cb1ca
commit f3c32cb2c1
2 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nixos/modules/programs/ssh.nix
View file

@ -56,7 +56,6 @@ in
setXAuthLocation = mkOption { setXAuthLocation = mkOption {
type = types.bool; type = types.bool;
default = config.services.xserver.enable;
description = '' description = ''
Whether to set the path to <command>xauth</command> for X11-forwarded connections. Whether to set the path to <command>xauth</command> for X11-forwarded connections.
This causes a dependency on X11 packages. This causes a dependency on X11 packages.
@ -165,6 +164,9 @@ in
config = { config = {
programs.ssh.setXAuthLocation =
mkDefault (config.services.xserver.enable || config.programs.ssh.forwardX11);
assertions = assertions =
[ { assertion = cfg.forwardX11 -> cfg.setXAuthLocation; [ { assertion = cfg.forwardX11 -> cfg.setXAuthLocation;
message = "cannot enable X11 forwarding without setting XAuth location"; message = "cannot enable X11 forwarding without setting XAuth location";

2
nixos/modules/services/networking/ssh/sshd.nix
View file

@ -227,6 +227,8 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.ssh.setXAuthLocation = mkForce cfg.forwardX11;
users.extraUsers.sshd = users.extraUsers.sshd =
{ isSystemUser = true; { isSystemUser = true;
description = "SSH privilege separation user"; description = "SSH privilege separation user";