summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorDomen Kožar <domen@dev.si>2015-01-02 17:32:33 +0100
committerDomen Kožar <domen@dev.si>2015-01-02 17:32:56 +0100
commit1f523bb23d518bb6eddc632b7840388dcad2b69e (patch)
treebe11b5516ce9a31b3abfeedf71dba92ebb5e12df /nixos
parentfee59b1235e658954b207ff6679264654c4708d2 (diff)
clarify things about hashed passwords and mutableUsers
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/config/users-groups.nix27


1 files changed, 19 insertions, 8 deletions
diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix
index 256c5888cb947..aee9bb7722a07 100644
--- a/nixos/modules/config/users-groups.nix
+++ b/nixos/modules/config/users-groups.nix
@@ -25,6 +25,11 @@ let
     options.
   '';
 
+  hashedPasswordDescription = ''
+    To generate hashed password install <literal>mkpassword</literal>
+    package and run <literal>mkpasswd -m sha-512</literal>.
+  '';
+
   userOpts = { name, config, ... }: {
 
     options = {
@@ -165,6 +170,7 @@ let
         description = ''
           Specifies the hashed password for the user.
           ${passwordDescription}
+          ${hashedPasswordDescription}
         '';
       };
 
@@ -202,6 +208,8 @@ let
           password can be changed subsequently using the
           <command>passwd</command> command. Otherwise, it's
           equivalent to setting the <option>password</option> option.
+
+          ${hashedPasswordDescription}
         '';
       };
 
@@ -366,21 +374,24 @@ in {
       type = types.bool;
       default = true;
       description = ''
-        If true, you are free to add new users and groups to the system
+        If set to <literal>true</literal>, you are free to add new users and groups to the system
         with the ordinary <literal>useradd</literal> and
         <literal>groupadd</literal> commands. On system activation, the
         existing contents of the <literal>/etc/passwd</literal> and
         <literal>/etc/group</literal> files will be merged with the
         contents generated from the <literal>users.extraUsers</literal> and
-        <literal>users.extraGroups</literal> options. If
-        <literal>mutableUsers</literal> is false, the contents of the user and
-        group files will simply be replaced on system activation. This also
-        holds for the user passwords; if this option is false, all changed
-        passwords will be reset according to the
-        <literal>users.extraUsers</literal> configuration on activation. If
-        this option is true, the initial password for a user will be set
+        <literal>users.extraGroups</literal> options.
+        The initial password for a user will be set
         according to <literal>users.extraUsers</literal>, but existing passwords
         will not be changed.
+
+        <warning>
+        If set to <literal>false</literal>, the contents of the user and
+        group files will simply be replaced on system activation. This also
+        holds for the user passwords; all changed
+        passwords will be reset according to the
+        <literal>users.extraUsers</literal> configuration on activation.
+        </warning>
       '';
     };
 

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-07 17:16:06 +0000