security.pam.services.<name>.ttyAudit.openOnly

Set the TTY audit flag when opening the session, but do not restore it when closing the session. Using this option is necessary for some services that don't fork() to run the authenticated session, such as sudo.

Type

boolean

Default

false

Declared

<nixpkgs/nixos/modules/security/pam.nix>