Commit Graph

7 Commits

Author SHA1 Message Date
Eelco Dolstra
16cf3ee9da Ensure that the home directory exists even if the user already exists 2015-02-24 11:57:38 +01:00
Rüdiger Sonderfeld
fa1cec1037 update-users-groups.pl: Use UTF-8 instead of latin1.
Perl seems to write the file in latin1 independent of the actual input
encoding.  This can corrupt the "description" field of /etc/passwd.  By
setting "binmode" to ":utf8" Perl can be forced to write UTF-8.  Ideally
the program would simply read/write the fields by value without any
changes in encoding.  However, assuming/enforcing UTF-8 is a lot better
than using an obsolete coding like latin1.
2014-11-08 19:25:17 +01:00
Eelco Dolstra
3696536115 Handle removing a password if mutableUsers = false 2014-11-03 12:32:27 +01:00
Eelco Dolstra
1b53a3fcb7 Add initialPassword and initialHashedPassword options
These are like password and hashedPassword, except that they only
apply when the user is initially created.
2014-11-03 12:32:19 +01:00
Eelco Dolstra
a9f5e77e2f update-users-groups.pl: Generate hashed passwords internally
I.e. don't call "passwd" to update /etc/shadow from the "password"
option. This has the side-effect of not updating the password if
mutableUsers = true (since the code path for "hashedPassword" has a
check for mutableUsers).

Fixes #4747.
2014-10-31 17:42:09 +01:00
Eelco Dolstra
6dc5db3850 Fix setting an empty password 2014-08-18 17:12:56 +02:00
Eelco Dolstra
1a75958be5 Unify mutableUsers = { true, false }
With mutableUsers = true, we now ensure that all users and groups that
were created declaratively, are updated or removed
appropriately. Thus, adding a user to users.extraUsers and then
removing it now causes the acoount to be removed from
/etc/passwd. Thus user/group management is fully congruent except that
users and groups that were created imperatively (via useradd/groupadd)
are not touched. We distinguish between declarative and imperative
users/groups by tracking the former in
/var/lib/nixos/declarative-{groups,users}.

With mutableUsers = false, you are now no longer required to specify
UIDs/GIDs for all users. The handling of mutableUsers = true/false is
the same code path; the only difference is that the "false" mode
ignores the existing contents of /etc/{passwd,group}.

The attribute ‘createUser’ is gone. It doesn't really make sense to
specify users that shouldn't be created.
2014-08-15 02:15:29 +02:00