From 850eabce441b39375cafb07fb779a8c0fa263bdd Mon Sep 17 00:00:00 2001
From: Michael Hoang <enzime@users.noreply.github.com>
Date: Sat, 23 Dec 2023 22:41:58 +1100
Subject: [PATCH] etc: add known hash for `/etc/shells`

---
 ...b481820d12e693093293ba33c73854909ad7b0fb192c2db193 | 11 +++++++++++
 modules/system/shells.nix                             |  4 ++++
 2 files changed, 15 insertions(+)
 create mode 100644 doc/known-files/9d5aa72f807091b481820d12e693093293ba33c73854909ad7b0fb192c2db193

diff --git a/doc/known-files/9d5aa72f807091b481820d12e693093293ba33c73854909ad7b0fb192c2db193 b/doc/known-files/9d5aa72f807091b481820d12e693093293ba33c73854909ad7b0fb192c2db193
new file mode 100644
index 00000000..c3977df9
--- /dev/null
+++ b/doc/known-files/9d5aa72f807091b481820d12e693093293ba33c73854909ad7b0fb192c2db193
@@ -0,0 +1,11 @@
+# List of acceptable shells for chpass(1).
+# Ftpd will not allow users to connect who are not using
+# one of these shells.
+
+/bin/bash
+/bin/csh
+/bin/dash
+/bin/ksh
+/bin/sh
+/bin/tcsh
+/bin/zsh
diff --git a/modules/system/shells.nix b/modules/system/shells.nix
index b3ecf30e..93993270 100644
--- a/modules/system/shells.nix
+++ b/modules/system/shells.nix
@@ -41,5 +41,9 @@ in
       ${concatStringsSep "\n" cfg.shells}
     '';
 
+    environment.etc."shells".knownSha256Hashes = [
+      "9d5aa72f807091b481820d12e693093293ba33c73854909ad7b0fb192c2db193"  # macOS
+    ];
+
   };
 }