From 7b14ee9932140c432e15dec3eec653efcce64bec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Llu=C3=ADs=20Batlle=20i=20Rossell?= Date: Wed, 23 Sep 2009 20:50:41 +0000 Subject: [PATCH] Setting the files cipher algorithm depending on the architecture (with libxcrypt or without libxcrypt, at the end) svn path=/nixos/trunk/; revision=17389 --- modules/programs/pwdutils/passwd.conf | 2 +- modules/programs/pwdutils/pwdutils.nix | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/modules/programs/pwdutils/passwd.conf b/modules/programs/pwdutils/passwd.conf index 5804e28c38b..3b10fa350b5 100644 --- a/modules/programs/pwdutils/passwd.conf +++ b/modules/programs/pwdutils/passwd.conf @@ -4,7 +4,7 @@ CRYPT=des # for local files, use a more secure hash. We # don't need to be portable here: -CRYPT_FILES=blowfish +CRYPT_FILES=@filesCipher@ # sometimes we need to specify special options for # a hash (variable is prepended by the name of the diff --git a/modules/programs/pwdutils/pwdutils.nix b/modules/programs/pwdutils/pwdutils.nix index ec5d31a1ad1..a690d7dab3e 100644 --- a/modules/programs/pwdutils/pwdutils.nix +++ b/modules/programs/pwdutils/pwdutils.nix @@ -33,7 +33,14 @@ in { # /etc/default/passwd: configuration for passwd and friends # (e.g., hash algorithm for /etc/passwd). - source = ./passwd.conf; + source = pkgs.substituteAll { + src = ./passwd.conf; + # This depends on pam_unix2 being built with libxcrypt or libc's libcrypt. + # Only in the first case it will understand 'blowfish'. And pam_unix2 + # is not built with libxcrypt at the time of writing (it did not build) + filesCipher = if (pkgs.stdenv.system == "armv5tel-linux") then + "des" else "blowfish"; + }; target = "default/passwd"; }