From 9a6b12b9ef35cf4ac4970f94791b3dd734c0da96 Mon Sep 17 00:00:00 2001
From: Michael Hoang <enzime@users.noreply.github.com>
Date: Tue, 22 Oct 2024 06:58:23 +1100
Subject: [PATCH] users: use `lib.escapeShellArg` for `id -u`

---
 modules/users/default.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/users/default.nix b/modules/users/default.nix
index ead996c3..ffceb9b9 100644
--- a/modules/users/default.nix
+++ b/modules/users/default.nix
@@ -147,7 +147,7 @@ in
 
       ${concatMapStringsSep "\n" (v: ''
         ${optionalString cfg.forceRecreate ''
-          u=$(id -u '${v.name}' 2> /dev/null) || true
+          u=$(id -u ${lib.escapeShellArg v.name} 2> /dev/null) || true
           if [[ "$u" -eq ${toString v.uid} ]]; then
             echo "deleting user ${v.name}..." >&2
             sysadminctl -deleteUser '${v.name}' 2> /dev/null
@@ -156,7 +156,7 @@ in
           fi
         ''}
 
-        u=$(id -u '${v.name}' 2> /dev/null) || true
+        u=$(id -u ${lib.escapeShellArg v.name} 2> /dev/null) || true
         if [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then
           echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2
         else
@@ -177,7 +177,7 @@ in
       '') createdUsers}
 
       ${concatMapStringsSep "\n" (name: ''
-        u=$(id -u '${name}' 2> /dev/null) || true
+        u=$(id -u ${lib.escapeShellArg name} 2> /dev/null) || true
         if [ -n "$u" ]; then
           if [ "$u" -gt 501 ]; then
             echo "deleting user ${name}..." >&2