diff options
author | Will Fancher <elvishjerricco@gmail.com> | 2024-05-26 20:17:06 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-26 20:17:06 -0400 |
commit | 0415aec2006bb384175851751e6ba915877486e7 (patch) | |
tree | c136424bbcc851c659cb16c389166d349c8057ec /nixos/modules/system | |
parent | 610ee378fcf718b9cc655efa81dc34cf907c72ad (diff) | |
parent | e339f0a1fbf7463ca9d11d9878c01a5efd9957b8 (diff) |
Merge pull request #297250 from NickCao/sysuser
nixos/systemd-sysusers: make uid/gid allocation stable
Diffstat (limited to 'nixos/modules/system')
-rw-r--r-- | nixos/modules/system/boot/systemd/sysusers.nix | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/nixos/modules/system/boot/systemd/sysusers.nix b/nixos/modules/system/boot/systemd/sysusers.nix index de70009705973..476251e140456 100644 --- a/nixos/modules/system/boot/systemd/sysusers.nix +++ b/nixos/modules/system/boot/systemd/sysusers.nix @@ -12,7 +12,7 @@ let ${lib.concatLines (lib.mapAttrsToList (username: opts: let - uid = if opts.uid == null then "-" else toString opts.uid; + uid = if opts.uid == null then "/var/lib/nixos/uid/${username}" else toString opts.uid; in ''u ${username} ${uid}:${opts.group} "${opts.description}" ${opts.home} ${utils.toShellPath opts.shell}'' ) @@ -21,7 +21,7 @@ let # Groups ${lib.concatLines (lib.mapAttrsToList - (groupname: opts: ''g ${groupname} ${if opts.gid == null then "-" else toString opts.gid}'') userCfg.groups) + (groupname: opts: ''g ${groupname} ${if opts.gid == null then "/var/lib/nixos/gid/${groupname}" else toString opts.gid}'') userCfg.groups) } # Group membership @@ -106,6 +106,23 @@ in }; }) (lib.filterAttrs (_username: opts: opts.home != "/var/empty") userCfg.users); + + # Create uid/gid marker files for those without an explicit id + tmpfiles.settings.nixos-uid = lib.mapAttrs' + (username: opts: lib.nameValuePair "/var/lib/nixos/uid/${username}" { + f = { + user = username; + }; + }) + (lib.filterAttrs (_username: opts: opts.uid == null) userCfg.users); + + tmpfiles.settings.nixos-gid = lib.mapAttrs' + (groupname: opts: lib.nameValuePair "/var/lib/nixos/gid/${groupname}" { + f = { + group = groupname; + }; + }) + (lib.filterAttrs (_groupname: opts: opts.gid == null) userCfg.groups); }) (lib.mkIf config.users.mutableUsers { |