commit 14321ae2431e33f5ed81f1ee43eddd29c7e9d01d · pyrox.dev/nixpkgs

+16 -16

nixos/modules/config/users-groups.nix

···

       336
       336
        
           map (range: "${user.name}:${toString range.startUid}:${toString range.count}\n")

     

       337
       337
        
             user.subUidRanges);

     

       338
       338
        
       

     

       339
       339
       -
         subuidFile = concatStrings (map mkSubuidEntry (attrValues cfg.extraUsers));

     

       339
       339
       +
         subuidFile = concatStrings (map mkSubuidEntry (attrValues cfg.users));

     

       340
       340
        
       

     

       341
       341
        
         mkSubgidEntry = user: concatStrings (

     

       342
       342
        
           map (range: "${user.name}:${toString range.startGid}:${toString range.count}\n")

     

       343
       343
        
               user.subGidRanges);

     

       344
       344
        
       

     

       345
       345
       -
         subgidFile = concatStrings (map mkSubgidEntry (attrValues cfg.extraUsers));

     

       345
       345
       +
         subgidFile = concatStrings (map mkSubgidEntry (attrValues cfg.users));

     

       346
       346
        
       

     

       347
       347
        
         idsAreUnique = set: idAttr: !(fold (name: args@{ dup, acc }:

     

       348
       348
        
           let

     
···

       354
       354
        
             else { dup = false; acc = newAcc; }

     

       355
       355
        
           ) { dup = false; acc = {}; } (builtins.attrNames set)).dup;

     

       356
       356
        
       

     

       357
       357
       -
         uidsAreUnique = idsAreUnique (filterAttrs (n: u: u.uid != null) cfg.extraUsers) "uid";

     

       358
       358
       -
         gidsAreUnique = idsAreUnique (filterAttrs (n: g: g.gid != null) cfg.extraGroups) "gid";

     

       357
       357
       +
         uidsAreUnique = idsAreUnique (filterAttrs (n: u: u.uid != null) cfg.users) "uid";

     

       358
       358
       +
         gidsAreUnique = idsAreUnique (filterAttrs (n: g: g.gid != null) cfg.groups) "gid";

     

       359
       359
        
       

     

       360
       360
        
         spec = pkgs.writeText "users-groups.json" (builtins.toJSON {

     

       361
       361
        
           inherit (cfg) mutableUsers;

     
···

       364
       364
        
                 name uid group description home shell createHome isSystemUser

     

       365
       365
        
                 password passwordFile hashedPassword

     

       366
       366
        
                 initialPassword initialHashedPassword;

     

       367
       367
       -
             }) cfg.extraUsers;

     

       367
       367
       +
             }) cfg.users;

     

       368
       368
        
           groups = mapAttrsToList (n: g:

     

       369
       369
        
             { inherit (g) name gid;

     

       370
       370
        
               members = g.members ++ (mapAttrsToList (n: u: u.name) (

     

       371
       371
       -
                 filterAttrs (n: u: elem g.name u.extraGroups) cfg.extraUsers

     

       371
       371
       +
                 filterAttrs (n: u: elem g.name u.extraGroups) cfg.users

     

       372
       372
        
               ));

     

       373
       373
       -
             }) cfg.extraGroups;

     

       373
       373
       +
             }) cfg.groups;

     

       374
       374
        
         });

     

       375
       375
        
       

     

       376
       376
        
       in {

     
···

       388
       388
        
               <literal>groupadd</literal> commands. On system activation, the

     

       389
       389
        
               existing contents of the <literal>/etc/passwd</literal> and

     

       390
       390
        
               <literal>/etc/group</literal> files will be merged with the

     

       391
       391
       -
               contents generated from the <literal>users.extraUsers</literal> and

     

       392
       392
       -
               <literal>users.extraGroups</literal> options.

     

       391
       391
       +
               contents generated from the <literal>users.users</literal> and

     

       392
       392
       +
               <literal>users.groups</literal> options.

     

       393
       393
        
               The initial password for a user will be set

     

       394
       394
       -
               according to <literal>users.extraUsers</literal>, but existing passwords

     

       394
       394
       +
               according to <literal>users.users</literal>, but existing passwords

     

       395
       395
        
               will not be changed.

     

       396
       396
        
       

     

       397
       397
        
               <warning><para>

     
···

       399
       399
        
               group files will simply be replaced on system activation. This also

     

       400
       400
        
               holds for the user passwords; all changed

     

       401
       401
        
               passwords will be reset according to the

     

       402
       402
       -
               <literal>users.extraUsers</literal> configuration on activation.

     

       402
       402
       +
               <literal>users.users</literal> configuration on activation.

     

       403
       403
        
               </para></warning>

     

       404
       404
        
             '';

     

       405
       405
        
           };

     
···

       412
       412
        
             '';

     

       413
       413
        
           };

     

       414
       414
        
       

     

       415
       415
       -
           users.extraUsers = mkOption {

     

       415
       415
       +
           users.users = mkOption {

     

       416
       416
        
             default = {};

     

       417
       417
        
             type = types.loaOf types.optionSet;

     

       418
       418
        
             example = {

     
···

       433
       433
        
             options = [ userOpts ];

     

       434
       434
        
           };

     

       435
       435
        
       

     

       436
       436
       -
           users.extraGroups = mkOption {

     

       436
       436
       +
           users.groups = mkOption {

     

       437
       437
        
             default = {};

     

       438
       438
        
             example =

     

       439
       439
        
               { students.gid = 1001;

     
···

       461
       461
        
       

     

       462
       462
        
         config = {

     

       463
       463
        
       

     

       464
       464
       -
           users.extraUsers = {

     

       464
       464
       +
           users.users = {

     

       465
       465
        
             root = {

     

       466
       466
        
               uid = ids.uids.root;

     

       467
       467
        
               description = "System administrator";

     
···

       478
       478
        
             };

     

       479
       479
        
           };

     

       480
       480
        
       

     

       481
       481
       -
           users.extraGroups = {

     

       481
       481
       +
           users.groups = {

     

       482
       482
        
             root.gid = ids.gids.root;

     

       483
       483
        
             wheel.gid = ids.gids.wheel;

     

       484
       484
        
             disk.gid = ids.gids.disk;

     
···

       541
       541
        
                    || cfg.passwordFile != null

     

       542
       542
        
                    || cfg.openssh.authorizedKeys.keys != []

     

       543
       543
        
                    || cfg.openssh.authorizedKeys.keyFiles != [])

     

       544
       544
       -
                 ) cfg.extraUsers);

     

       544
       544
       +
                 ) cfg.users);

     

       545
       545
        
               message = ''

     

       546
       546
        
                 Neither the root account nor any wheel user has a password or SSH authorized key.

     

       547
       547
        
                 You must set one to prevent being locked out of your system.'';

nixos/modules/rename.nix

···

       77
       77
        
       ++ obsolete [ "environment" "nix" ] [ "nix" "package" ]

     

       78
       78
        
       ++ obsolete [ "fonts" "enableFontConfig" ] [ "fonts" "fontconfig" "enable" ]

     

       79
       79
        
       ++ obsolete [ "fonts" "extraFonts" ] [ "fonts" "fonts" ]

     

       80
       80
       +
       ++ alias [ "users" "extraUsers" ] [ "users" "users" ]

     

       81
       81
       +
       ++ alias [ "users" "extraGroups" ] [ "users" "groups" ]

     

       80
       82
        
       

     

       81
       83
        
       ++ obsolete [ "security" "extraSetuidPrograms" ] [ "security" "setuidPrograms" ]

     

       82
       84
        
       ++ obsolete [ "networking" "enableWLAN" ] [ "networking" "wireless" "enable" ]

+1 -1

nixos/modules/services/networking/ssh/sshd.nix

···

       214
       214
        
       

     

       215
       215
        
           };

     

       216
       216
        
       

     

       217
       217
       -
           users.extraUsers = mkOption {

     

       217
       217
       +
           users.users = mkOption {

     

       218
       218
        
             options = [ userOptions ];

     

       219
       219
        
           };

     

       220
       220