5

I decided to start using kwallet since it comes with kde on nixos. I would like to set it up to unlock automatically though. On the arch linux wiki there is a section that covers this here here. But how can I do this on nixos? Should I use the configuration.nix or /etc/pam.d/kde?

Improve this question
3
  • Same question about GNOME Keyring. Commented Feb 12, 2017 at 13:09
  • 1
    Try upgrading to NixOS 18.03 and set security.pam.services."your_display_manager".enableKwallet = true. Commented Mar 31, 2018 at 22:48
  • /etc/pam.d contains only symlinks to generated files in the nix store. Don't edit those. Commented Apr 2, 2018 at 16:36

2 Answers 2

Reset to default
3

If you're using plasma5 I believe this is already enabled.

You can use the security.pam.services.<name?>.enableKwallet option.

Add to your config:

security.pam.services.kwallet = {
  name = "kwallet";
  enableKwallet = true;
};

This will add the neccesary pam entry in /etc/pam.d

$ cat /etc/static/pam.d/kwallet

# Account management.
account sufficient pam_unix.so

# Authentication management.

auth required pam_unix.so  likeauth

auth optional /nix/store/llds2sy99zg92lrk9gsfzhpz7f6wnxdy-kwallet-pam-5.8.6/lib/security/pam_kwallet5.so kwalletd=/nix/store/x9q0g102hlxx60jb332xmdpq76ia1bja-kwallet-5.31.0/bin/kwalletd5
auth sufficient pam_unix.so  likeauth try_first_pass

auth required pam_deny.so

# Password management.
password requisite pam_unix.so nullok sha512

# Session management.
session required pam_env.so envfile=/nix/store/5ninxpd3cmysfzlhij1afymd0gyg7x0p-pam-environment

session required pam_unix.so

session optional /nix/store/llds2sy99zg92lrk9gsfzhpz7f6wnxdy-kwallet-pam-5.8.6/lib/security/pam_kwallet5.so kwalletd=/nix/store/x9q0g102hlxx60jb332xmdpq76ia1bja-kwallet-5.31.0/bin/kwalletd5
Improve this answer
0

you can use security.pam.services to set this up. something along this lines

security.pam.services = [
  { name = "kde";
    text = ''
      auth            optional        pam_kwallet.so kdehome=.kde4
      session         optional        pam_kwallet.so
    '';
  }
]
Improve this answer
2
  • I tried it and got this error in the kdm.log klauncher(993) kdemain: No DBUS session-bus found. Check if you have started the DBUS server. kdeinit4: Communication error with launcher. Exiting! kdmgreet(987)/kdecore (KTimeZone): KSystemTimeZones: ktimezoned initialize() D-Bus call failed: "Not connected to D-Bus server" kdmgreet(987)/kdecore (KTimeZone): No time zone information obtained from ktimezoned (II) AIGLX: Suspending AIGLX clients for VT switch (II) AIGLX: Suspending AIGLX clients for VT switch Commented May 7, 2016 at 18:32
  • I have the same question about GNOME Keyring. Is the procedure documented somewhere? Commented Feb 12, 2017 at 13:10

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.