Sshd *must* use PAM because we depend on it for proper session
management. The original goal of this option (disabling password
logins) can also be implemented by removing pam_auth authentication
from sshd's PAM service.
That is, you can say
security.pam.services.sshd = { options... };
instead of
security.pam.services = [ { name = "sshd"; options... } ];
making it easier to override PAM settings from other modules.
Previously logging in via SLiM more than once didn't work because SLiM
doesn't clean up its PAM session properly (that is, in a child rather
than in the parent). Thus the slim process becomes part of the user
session's cgroup, among other things. This patch causes SLiM to exit
after the session has finished, after which systemd will restart
display-manager.service.
FixesNixOS/nixops#137.
Twisted provides option to log with syslog, this enables nicer logging.
Imagine what happens in a case of exception. If logs are written to stdout,
traceback won't be merged thus giving ugly logs. This commit fixes that.
This is also one of the official ways of starting carbon, so no worries.
vsftpd improvements:
- intorduce one declarative list of options
- make docummentation strings more understandable and add missing options
such as SSL/TLS support
- Use environment.etc."vsftpd".text because I can't think about any
reason why a shell script should be used.
That code was written in 2009.