From a88ec5e8a5c04be6b6214a77aa4bb94ac9da5bb2 Mon Sep 17 00:00:00 2001
From: Geoffrey Huntley <ghuntley@ghuntley.com>
Date: Wed, 21 Mar 2018 16:46:35 -0700
Subject: [PATCH] duosec: use root uid as sshd uid has been retired (#33597)

* fix: use root uid as sshd uid has been retired

fixes https://github.com/NixOS/nixpkgs/issues/10088
related PR (abandoned) at https://github.com/NixOS/nixpkgs/pull/15391

* must use "sshd" user otherwise duosec does not work in multi user mode

see https://github.com/duosecurity/duo_unix/issues/89#issuecomment-272062632
---
 nixos/modules/security/duosec.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/security/duosec.nix b/nixos/modules/security/duosec.nix
index 9ca818e86ffa..df6108dede7c 100644
--- a/nixos/modules/security/duosec.nix
+++ b/nixos/modules/security/duosec.nix
@@ -25,14 +25,14 @@ let
   loginCfgFile = optional cfg.ssh.enable
     { source = pkgs.writeText "login_duo.conf" configFile;
       mode   = "0600";
-      uid    = config.ids.uids.sshd;
+      user   = "sshd";
       target = "duo/login_duo.conf";
     };
 
   pamCfgFile = optional cfg.pam.enable
     { source = pkgs.writeText "pam_duo.conf" configFile;
       mode   = "0600";
-      uid    = config.ids.uids.sshd;
+      user   = "sshd";
       target = "duo/pam_duo.conf";
     };
 in