Remove fixed cifs auth fi

2025-01-16 14:16:55 +02:00 · 2025-01-16 14:16:55 +02:00 · 2d697984f2
commit 2d697984f2
parent b3736b1e1d
2 changed files with 0 additions and 45 deletions
--- a/defaults/cifs-auth-fix/default.nix
+++ b/defaults/cifs-auth-fix/default.nix
@ -1,44 +0,0 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 {
  # Remove this once https://github.com/NixOS/nixpkgs/issues/34638 is resolved
  # The TL;DR is: the kernel calls out to the hard-coded path of
  # /sbin/request-key as part of its CIFS auth process, which of course does
  # not exist on NixOS due to the usage of Nix store paths.
  system.activationScripts.symlink-requestkey = ''
    if [ ! -d /sbin ]; then
      mkdir /sbin
    fi
    ln -sfn /run/current-system/sw/bin/request-key /sbin/request-key
  '';
  # request-key expects a configuration file under /etc
  environment.etc."request-key.conf" = {
    text =
      let
        upcall = "${pkgs.cifs-utils}/bin/cifs.upcall";
        keyctl = "${pkgs.keyutils}/bin/keyctl";
      in
      ''
        #OP     TYPE          DESCRIPTION  CALLOUT_INFO  PROGRAM
        # -t is required for DFS share servers...
        create  cifs.spnego   *            *             ${upcall} -t %k
        create  dns_resolver  *            *             ${upcall} %k
        # Everything below this point is essentially the default configuration,
        # modified minimally to work under NixOS. Notably, it provides debug
        # logging.
        create  user          debug:*      negate        ${keyctl} negate %k 30 %S
        create  user          debug:*      rejected      ${keyctl} reject %k 30 %c %S
        create  user          debug:*      expired       ${keyctl} reject %k 30 %c %S
        create  user          debug:*      revoked       ${keyctl} reject %k 30 %c %S
        create  user          debug:loop:* *             |${pkgs.coreutils}/bin/cat
        create  user          debug:*      *             ${pkgs.keyutils}/share/keyutils/request-key-debug.sh %k %d %c %S
        negate  *             *            *             ${keyctl} negate %k 30 %S
      '';
  };
 }
--- a/host/ochsenchopf/default.nix
+++ b/host/ochsenchopf/default.nix
@ -8,7 +8,6 @@
    ../../defaults/hardware/thinkpad-x1-gen9.nix
    ../../defaults/base
    ../../defaults/cifs-auth-fix
    ../../defaults/desktop
  ];