ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-12-26 21:33:03 +03:00
Code Issues Projects Releases Wiki Activity

Add option to enforce uniqueness of uids/gids (on by default)

Browse Source 
Signed-off-by: Shea Levy <shea@shealevy.com>
This commit is contained in:
Shea Levy 2014-02-07 09:57:28 -05:00
parent 5b243ad015
commit e058de1642
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
nixos/modules/config/users-groups.nix
View File

@ -252,6 +252,17 @@ let
mv -f $1.tmp $1 mv -f $1.tmp $1
''; '';
idsAreUnique = set: idAttr: !(fold (name: args@{ dup, acc }:
let
id = builtins.toString (builtins.getAttr idAttr (builtins.getAttr name set));
exists = builtins.hasAttr id acc;
newAcc = acc // (builtins.listToAttrs [ { name = id; value = true; } ]);
in if dup then args else if exists
then builtins.trace "Duplicate ${idAttr} ${id}" { dup = true; acc = null; }
else { dup = false; acc = newAcc; }
) { dup = false; acc = {}; } (builtins.attrNames set)).dup;
uidsAreUnique = idsAreUnique cfg.extraUsers "uid";
gidsAreUnique = idsAreUnique cfg.extraGroups "gid";
in in
{ {
@ -282,6 +293,14 @@ in
''; '';
}; };
users.enforceIdUniqueness = mkOption {
type = types.bool;
default = true;
description = ''
Whether to require that no two users/groups share the same uid/gid.
'';
};
users.extraUsers = mkOption { users.extraUsers = mkOption {
default = {}; default = {};
type = types.loaOf types.optionSet; type = types.loaOf types.optionSet;
@ -432,6 +451,8 @@ in
# for backwards compatibility # for backwards compatibility
system.activationScripts.groups = stringAfter [ "users" ] ""; system.activationScripts.groups = stringAfter [ "users" ] "";
assertions = [ { assertion = !cfg.enforceIdUniqueness || (uidsAreUnique && gidsAreUnique); message = "uids and gids must be unique!"; } ];
}; };
} }