nixpkgs/pkgs/os-specific/linux/pam/suid-wrapper-path.patch
Sergei Trofimovich 60e0187471 pam: fix pam_unix autohentication failures when ran as user
Commit d0c42dfa "pam: bind Linux-PAM locales from pam-specific folder
(upstream patch)" added autoreconfHook269 into one of the postPatch
phases.

This clobbered the change applied by `suid-wrapper-path.patch` as it was
patching Makefile.in.

As a result `nixosTests.sway` test started failing as:

    check pass; user unknown

Running `swaylock` on real system exhibited the same result.

As `suid-wrapper-path.patch` is clobbered we were running non-suid
version of `unix_chkpwd`:

    /nix/store/...-linux-pam-1.5.2/sbin/unix_chkpwd

instead of SUID-wrapped

    /run/wrappers/bin/unix_chkpw

The fix is trivial: move the patch from auto-generated file to
`Makefile.am`.

Discovered-by: Yureka
2023-11-11 09:54:04 +00:00

6 lines
262 B
Diff

It needs the SUID version during runtime, and that can't be in /nix/store/**
--- a/modules/pam_unix/Makefile.am
+++ b/modules/pam_unix/Makefile.am
@@ -21 +21 @@
- -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\" \
+ -DCHKPWD_HELPER=\"/run/wrappers/bin/unix_chkpwd\" \