From 75ec325cb981809103ff88683483016d477e54b1 Mon Sep 17 00:00:00 2001
From: Adam Stephens <adam@valkor.net>
Date: Tue, 23 Jan 2024 13:44:00 -0500
Subject: [PATCH] nixos/pam: remove pam_cgfs

pam_cgfs is a cgroups-v1 pam module. Verified with upstream that
this module no longer necessary on cgroups-v2 systems.
---
 nixos/modules/security/pam.nix         | 3 ---
 pkgs/os-specific/linux/lxc/default.nix | 2 --
 2 files changed, 5 deletions(-)

diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix
index 111be7057afc..ffbb558549f6 100644
--- a/nixos/modules/security/pam.nix
+++ b/nixos/modules/security/pam.nix
@@ -867,9 +867,6 @@ let
           { name = "gnupg"; enable = cfg.gnupg.enable; control = "optional"; modulePath = "${pkgs.pam_gnupg}/lib/security/pam_gnupg.so"; settings = {
             no-autostart = cfg.gnupg.noAutostart;
           }; }
-          { name = "cgfs"; enable = config.virtualisation.lxc.lxcfs.enable; control = "optional"; modulePath = "${pkgs.lxc}/lib/security/pam_cgfs.so"; args = [
-            "-c" "all"
-          ]; }
         ];
       };
     };
diff --git a/pkgs/os-specific/linux/lxc/default.nix b/pkgs/os-specific/linux/lxc/default.nix
index 518d79b622a6..6724651bbaf7 100644
--- a/pkgs/os-specific/linux/lxc/default.nix
+++ b/pkgs/os-specific/linux/lxc/default.nix
@@ -12,7 +12,6 @@
   nix-update-script,
   nixosTests,
   openssl,
-  pam,
   pkg-config,
   systemd,
 }:
@@ -41,7 +40,6 @@ stdenv.mkDerivation rec {
     libseccomp
     libselinux
     openssl
-    pam
     systemd
   ];