Add user option ‘isAlias’ to allow one user account to alias another
This commit is contained in:
parent
c8628e0293
commit
7efde0740e
@ -86,6 +86,12 @@ let
|
|||||||
";
|
";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
isAlias = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = "If true, the UID of this user is not required to be unique and can thus alias another user.";
|
||||||
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
@ -122,12 +128,12 @@ let
|
|||||||
|
|
||||||
# Note: the 'X' in front of the password is to distinguish between
|
# Note: the 'X' in front of the password is to distinguish between
|
||||||
# having an empty password, and not having a password.
|
# having an empty password, and not having a password.
|
||||||
serializedUser = userName: let u = getAttr userName config.users.extraUsers; in "${u.name}\n${u.description}\n${if u.uid != null then toString u.uid else ""}\n${u.group}\n${toString (concatStringsSep "," u.extraGroups)}\n${u.home}\n${u.shell}\n${toString u.createHome}\n${if u.password != null then "X" + u.password else ""}\n${toString u.isSystemUser}\n${if u.createUser then "yes" else "no"}\n";
|
serializedUser = u: "${u.name}\n${u.description}\n${if u.uid != null then toString u.uid else ""}\n${u.group}\n${toString (concatStringsSep "," u.extraGroups)}\n${u.home}\n${u.shell}\n${toString u.createHome}\n${if u.password != null then "X" + u.password else ""}\n${toString u.isSystemUser}\n${toString u.createUser}\n${toString u.isAlias}\n";
|
||||||
|
|
||||||
# keep this extra file so that cat can be used to pass special chars such as "`" which is used in the avahi daemon
|
|
||||||
usersFile = pkgs.writeText "users" (
|
usersFile = pkgs.writeText "users" (
|
||||||
concatMapStrings serializedUser (attrNames config.users.extraUsers)
|
let
|
||||||
);
|
p = partition (u: u.isAlias) (attrValues config.users.extraUsers);
|
||||||
|
in concatStrings (map serializedUser p.wrong ++ map serializedUser p.right));
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
@ -243,8 +249,9 @@ in
|
|||||||
read password
|
read password
|
||||||
read isSystemUser
|
read isSystemUser
|
||||||
read createUser
|
read createUser
|
||||||
|
read isAlias
|
||||||
|
|
||||||
if ! test "$createUser" = "yes"; then
|
if [ -z "$createUser" ]; then
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -257,6 +264,7 @@ in
|
|||||||
--home "$home" \
|
--home "$home" \
|
||||||
--shell "$shell" \
|
--shell "$shell" \
|
||||||
''${createHome:+--create-home} \
|
''${createHome:+--create-home} \
|
||||||
|
''${isAlias:+--non-unique} \
|
||||||
"$name"
|
"$name"
|
||||||
if test "''${password:0:1}" = 'X'; then
|
if test "''${password:0:1}" = 'X'; then
|
||||||
(echo "''${password:1}"; echo "''${password:1}") | ${pkgs.shadow}/bin/passwd "$name"
|
(echo "''${password:1}"; echo "''${password:1}") | ${pkgs.shadow}/bin/passwd "$name"
|
||||||
|
Loading…
Reference in New Issue
Block a user