I’ve been rebuilding my current flake for a system, and integrating sops-nix for secrets management. So far, I’ve got my wireless good, and seemingly a password good, however I get the following situation: When I login, my password is fine. No issues. If I try to sudo or heaven-forbid let my computer lock, my password immediately is wrong, and nothing I do can fix it. If the computer locks, I have to hard shut it down right now. In order for me to create a new generation, I have to load up in an iso, change roots with nixos-enter and run a rebuild or install to get any kind of updates. I do have mutableUsers set to false right now. Is that causing this issue? Searching high and low hasn’t answered this for me, or maybe I’m just not finding the right answer.
How did you configure sudo and your login screen? I know e.g. swaylock will behave like that if it doesn’t have PAM permissions, the same thing can happen with sudo depending on config.
My user is a part of the wheel group (confirmed when I can login), and swaylock shouldn’t be enabled as I’m not using any wayland-based components on this system yet. It does give me some pause, as there may be some components in my config that I will look into.
Right now, the login is sddm, as I haven’t gotten around to configuring things like greetd.
Sounds like that isn’t it, but mutableUsers = false + initial login working sounds more like an issue with PAM than with an immutable file randomly changing on login…
If you have your config on GitHub or such, would probably help to see it in full.
I think I may have found it. PAM+swaylock was it, as I had security.pam.services = { swaylock = {}; }; in my user configuration. I would not have thought that would do it, but it makes perfect sense in retrospect. When I ran a nixos-rebuild in minmal + nixos-enter, it came back with a PAM account management error. Now I’m getting different errors, so off to troubleshoot those. Thanks!