You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

system-environment.nix 3.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
  1. # This module defines a system-wide environment that will be
  2. # initialised by pam_env (that is, not only in shells).
  3. { config, lib, pkgs, ... }:
  4. with lib;
  5. let
  6. cfg = config.environment;
  7. in
  8. {
  9. options = {
  10. environment.sessionVariables = mkOption {
  11. default = {};
  12. description = ''
  13. A set of environment variables used in the global environment.
  14. These variables will be set by PAM early in the login process.
  15. The value of each session variable can be either a string or a
  16. list of strings. The latter is concatenated, interspersed with
  17. colon characters.
  18. Note, due to limitations in the PAM format values may not
  19. contain the <literal>"</literal> character.
  20. Also, these variables are merged into
  21. <xref linkend="opt-environment.variables"/> and it is
  22. therefore not possible to use PAM style variables such as
  23. <code>@{HOME}</code>.
  24. '';
  25. type = with types; attrsOf (either str (listOf str));
  26. apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else v);
  27. };
  28. environment.profileRelativeSessionVariables = mkOption {
  29. type = types.attrsOf (types.listOf types.str);
  30. example = { PATH = [ "/bin" ]; MANPATH = [ "/man" "/share/man" ]; };
  31. description = ''
  32. Attribute set of environment variable used in the global
  33. environment. These variables will be set by PAM early in the
  34. login process.
  35. Variable substitution is available as described in
  36. <citerefentry>
  37. <refentrytitle>pam_env.conf</refentrytitle>
  38. <manvolnum>5</manvolnum>
  39. </citerefentry>.
  40. Each attribute maps to a list of relative paths. Each relative
  41. path is appended to the each profile of
  42. <option>environment.profiles</option> to form the content of
  43. the corresponding environment variable.
  44. Also, these variables are merged into
  45. <xref linkend="opt-environment.profileRelativeEnvVars"/> and it is
  46. therefore not possible to use PAM style variables such as
  47. <code>@{HOME}</code>.
  48. '';
  49. };
  50. };
  51. config = {
  52. system.build.pamEnvironment =
  53. let
  54. suffixedVariables =
  55. flip mapAttrs cfg.profileRelativeSessionVariables (envVar: suffixes:
  56. flip concatMap cfg.profiles (profile:
  57. map (suffix: "${profile}${suffix}") suffixes
  58. )
  59. );
  60. # We're trying to use the same syntax for PAM variables and env variables.
  61. # That means we need to map the env variables that people might use to their
  62. # equivalent PAM variable.
  63. replaceEnvVars = replaceStrings ["$HOME" "$USER"] ["@{HOME}" "@{PAM_USER}"];
  64. pamVariable = n: v:
  65. ''${n} DEFAULT="${concatStringsSep ":" (map replaceEnvVars (toList v))}"'';
  66. pamVariables =
  67. concatStringsSep "\n"
  68. (mapAttrsToList pamVariable
  69. (zipAttrsWith (n: concatLists)
  70. [
  71. (mapAttrs (n: toList) cfg.sessionVariables)
  72. suffixedVariables
  73. ]));
  74. in
  75. pkgs.writeText "pam-environment" "${pamVariables}\n";
  76. };
  77. }