Skip to content
Browse files
pam_mount: do not re-prompt for password
nixos-rebuild test causes pam_mount to prompt for a password when running with
an encrypted home:

building '/nix/store/p6bflh7n5zy2dql8l45mix9qnzq65hbk-nixos-system-mildred-18.09.git.98592c5da79M.drv'...
activating the configuration...
setting up /etc...
reenter password for pam_mount:
(mount.c:68): Messages from underlying mount program:
(mount.c:72): crypt_activate_by_passphrase: File exists
(pam_mount.c:522): mount of /dev/mapper/vg0-lv_home_peter failed
kbuildsycoca5 running...

This change makes pam_mount not prompt. It still tries to remount (and fails in
the process) but that message can be ignored.

Fixes: #44586
  • Loading branch information
peterhoeg committed Nov 8, 2018
1 parent 179b814 commit dc80e99c7741b1bd82bf73827b4e920daa223e73
Showing with 2 additions and 2 deletions.
  1. +2 −2 nixos/modules/security/pam.nix
@@ -313,7 +313,7 @@ let
"auth optional ${pkgs.ecryptfs}/lib/security/ unwrap"}
${optionalString cfg.pamMount
"auth optional ${pkgs.pam_mount}/lib/security/"}
"auth optional ${pkgs.pam_mount}/lib/security/ disable_interactive"}
${optionalString cfg.enableKwallet
("auth optional ${pkgs.plasma5.kwallet-pam}/lib/security/" +
" kwalletd=${pkgs.libsForQt5.kwallet.bin}/bin/kwalletd5")}
@@ -384,7 +384,7 @@ let
${optionalString (cfg.showMotd && config.users.motd != null)
"session optional ${pkgs.pam}/lib/security/ motd=${motd}"}
${optionalString cfg.pamMount
"session optional ${pkgs.pam_mount}/lib/security/"}
"session optional ${pkgs.pam_mount}/lib/security/ disable_interactive"}
${optionalString (cfg.enableAppArmor &&
"session optional ${pkgs.apparmor-pam}/lib/security/ order=user,group,default debug"}
${optionalString (cfg.enableKwallet)

0 comments on commit dc80e99

Please sign in to comment.