From 5980d130c9bb85a2d1110fa15abcf263b572b097 Mon Sep 17 00:00:00 2001 From: Nicolas Pierron Date: Wed, 19 Aug 2009 15:04:05 +0000 Subject: [PATCH] Check sshd.permitRootLogin values. svn path=/nixos/trunk/; revision=16769 --- modules/services/networking/ssh/sshd.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/modules/services/networking/ssh/sshd.nix b/modules/services/networking/ssh/sshd.nix index a3ca7d84c46..4cce11a8145 100644 --- a/modules/services/networking/ssh/sshd.nix +++ b/modules/services/networking/ssh/sshd.nix @@ -31,11 +31,11 @@ let GatewayPorts ${cfg.gatewayPorts} ''; - # !!! is this assertion evaluated anywhere??? - assertion = cfg.permitRootLogin == "yes" || - cfg.permitRootLogin == "without-password" || - cfg.permitRootLogin == "forced-commands-only" || - cfg.permitRootLogin == "no"; + permitRootLoginCheck = v: + v == "yes" || + v == "without-password" || + v == "forced-commands-only" || + v == "no"; in @@ -73,6 +73,7 @@ in permitRootLogin = mkOption { default = "yes"; + check = permitRootLoginCheck; description = '' Whether the root user can login using ssh. Valid values are yes, without-password,