From b7f11ad98b3a9a5305eb9c259746adc56c73680e Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Sun, 7 Jan 2007 10:19:16 +0000
Subject: [PATCH] * Generate sshd_config to set XAuthLocation if X11 forwarding
 is   enabled.

svn path=/nixos/trunk/; revision=7548
---
 system/options.nix       |  2 +-
 system/upstart.nix       |  4 +++-
 upstart-jobs/sshd.nix    | 18 ++++++++++++++++--
 upstart-jobs/sshd_config |  2 --
 4 files changed, 20 insertions(+), 6 deletions(-)
 delete mode 100644 upstart-jobs/sshd_config

diff --git a/system/options.nix b/system/options.nix
index 585d879c1e6..80ae8ead0a7 100644
--- a/system/options.nix
+++ b/system/options.nix
@@ -271,7 +271,7 @@
   
   {
     name = ["services" "sshd" "forwardX11"];
-    default = false;
+    default = true;
     description = "
       Whether to enable sshd to forward X11 connections.
     ";
diff --git a/system/upstart.nix b/system/upstart.nix
index d89788ff7b7..8c134a2f0b8 100644
--- a/system/upstart.nix
+++ b/system/upstart.nix
@@ -85,7 +85,9 @@ import ../upstart-jobs/gather.nix {
   # SSH daemon.
   ++ optional ["services" "sshd" "enable"]
     (import ../upstart-jobs/sshd.nix {
-      inherit (pkgs) openssh glibc pwdutils;
+      inherit (pkgs) writeText openssh glibc pwdutils;
+      inherit (pkgs.xorg) xauth;
+      forwardX11 = config.get ["services" "sshd" "forwardX11"];
     })
 
   # NTP daemon.
diff --git a/upstart-jobs/sshd.nix b/upstart-jobs/sshd.nix
index 7f4104625b9..4988158caa1 100644
--- a/upstart-jobs/sshd.nix
+++ b/upstart-jobs/sshd.nix
@@ -1,4 +1,18 @@
-{openssh, glibc, pwdutils}:
+{writeText, openssh, glibc, pwdutils, xauth, forwardX11}:
+
+let
+
+  sshdConfig = writeText "sshd_config" "
+    UsePAM yes
+    ${if forwardX11 then "
+      X11Forwarding yes
+      XAuthLocation ${xauth}/bin/xauth
+    " else "
+      X11Forwarding no
+    "}
+  ";
+
+in
 
 {
   name = "sshd";
@@ -24,7 +38,7 @@ start script
     fi
 end script
 
-respawn ${openssh}/sbin/sshd -D -h /etc/ssh/ssh_host_dsa_key -f ${./sshd_config}
+respawn ${openssh}/sbin/sshd -D -h /etc/ssh/ssh_host_dsa_key -f ${sshdConfig}
   ";
   
 }
diff --git a/upstart-jobs/sshd_config b/upstart-jobs/sshd_config
deleted file mode 100644
index 994042bc78f..00000000000
--- a/upstart-jobs/sshd_config
+++ /dev/null
@@ -1,2 +0,0 @@
-X11Forwarding yes
-UsePAM yes