Merge pull request #303340 from NixOS/revert-286310-pr-getty-autologin
Revert "nixos/getty: add option to autologin once per boot"
This commit is contained in:
commit
681d4a87b2
|
@ -498,9 +498,6 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||||
existing process, but will need to start that process from gdb (so it is a
|
existing process, but will need to start that process from gdb (so it is a
|
||||||
child). Or you can set `boot.kernel.sysctl."kernel.yama.ptrace_scope"` to 0.
|
child). Or you can set `boot.kernel.sysctl."kernel.yama.ptrace_scope"` to 0.
|
||||||
|
|
||||||
- The new option `services.getty.autologinOnce` was added to limit the automatic login to once per boot and on the first tty only.
|
|
||||||
When using full disk encryption, this option allows to unlock the system without retyping the passphrase while keeping the other ttys protected.
|
|
||||||
|
|
||||||
- The netbird module now allows running multiple tunnels in parallel through [`services.netbird.tunnels`](#opt-services.netbird.tunnels).
|
- The netbird module now allows running multiple tunnels in parallel through [`services.netbird.tunnels`](#opt-services.netbird.tunnels).
|
||||||
|
|
||||||
- [Nginx virtual hosts](#opt-services.nginx.virtualHosts) using `forceSSL` or
|
- [Nginx virtual hosts](#opt-services.nginx.virtualHosts) using `forceSSL` or
|
||||||
|
|
|
@ -7,26 +7,14 @@ let
|
||||||
|
|
||||||
baseArgs = [
|
baseArgs = [
|
||||||
"--login-program" "${cfg.loginProgram}"
|
"--login-program" "${cfg.loginProgram}"
|
||||||
] ++ optionals (cfg.autologinUser != null && !cfg.autologinOnce) [
|
] ++ optionals (cfg.autologinUser != null) [
|
||||||
"--autologin" cfg.autologinUser
|
"--autologin" cfg.autologinUser
|
||||||
] ++ optionals (cfg.loginOptions != null) [
|
] ++ optionals (cfg.loginOptions != null) [
|
||||||
"--login-options" cfg.loginOptions
|
"--login-options" cfg.loginOptions
|
||||||
] ++ cfg.extraArgs;
|
] ++ cfg.extraArgs;
|
||||||
|
|
||||||
gettyCmd = args:
|
gettyCmd = args:
|
||||||
"${pkgs.util-linux}/sbin/agetty ${escapeShellArgs baseArgs} ${args}";
|
"@${pkgs.util-linux}/sbin/agetty agetty ${escapeShellArgs baseArgs} ${args}";
|
||||||
|
|
||||||
autologinScript = ''
|
|
||||||
otherArgs="--noclear --keep-baud $TTY 115200,38400,9600 $TERM";
|
|
||||||
${lib.optionalString cfg.autologinOnce ''
|
|
||||||
autologged="/run/agetty.autologged"
|
|
||||||
if test "$TTY" = tty1 && ! test -f "$autologged"; then
|
|
||||||
touch "$autologged"
|
|
||||||
exec ${gettyCmd "$otherArgs --autologin ${cfg.autologinUser}"}
|
|
||||||
fi
|
|
||||||
''}
|
|
||||||
exec ${gettyCmd "$otherArgs"}
|
|
||||||
'';
|
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
|
@ -52,16 +40,6 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
autologinOnce = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
description = ''
|
|
||||||
If enabled the automatic login will only happen in the first tty
|
|
||||||
once per boot. This can be useful to avoid retyping the account
|
|
||||||
password on systems with full disk encrypted.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
loginProgram = mkOption {
|
loginProgram = mkOption {
|
||||||
type = types.path;
|
type = types.path;
|
||||||
default = "${pkgs.shadow}/bin/login";
|
default = "${pkgs.shadow}/bin/login";
|
||||||
|
@ -128,11 +106,9 @@ in
|
||||||
|
|
||||||
systemd.services."getty@" =
|
systemd.services."getty@" =
|
||||||
{ serviceConfig.ExecStart = [
|
{ serviceConfig.ExecStart = [
|
||||||
# override upstream default with an empty ExecStart
|
"" # override upstream default with an empty ExecStart
|
||||||
""
|
(gettyCmd "--noclear --keep-baud %I 115200,38400,9600 $TERM")
|
||||||
(pkgs.writers.writeDash "getty" autologinScript)
|
|
||||||
];
|
];
|
||||||
environment.TTY = "%I";
|
|
||||||
restartIfChanged = false;
|
restartIfChanged = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user