mirrors/nix-darwin
mirrors/nix-darwin
1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2025-03-05 16:27:03 +00:00
Code Activity

users: remove users.forceRecreate option

Browse source
This commit is contained in:
Michael Hoang 2024-10-28 01:05:16 +11:00
parent a15a3d9f1f
commit c908607e8a
1 changed files with 18 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

78
modules/users/default.nix
View file

@ -41,6 +41,10 @@ let
in in
{ {
imports = [
(lib.mkRemovedOptionModule [ "users" "forceRecreate" ] "")
];
options = { options = {
users.knownGroups = mkOption { users.knownGroups = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
@ -85,13 +89,6 @@ in
type = types.attrsOf types.str; type = types.attrsOf types.str;
default = {}; default = {};
}; };
users.forceRecreate = mkOption {
internal = true;
type = types.bool;
default = false;
description = "Remove and recreate existing groups/users.";
};
}; };
config = { config = {
@ -152,33 +149,11 @@ in
fi fi
} }
ensureDeletable() {
# TODO: add `darwin.primaryUser` as well
if [[ "$1" == "$USER" ]]; then
printf >&2 '\e[1;31merror: refusing to delete the user calling `darwin-rebuild` (%s), aborting activation\e[0m\n', "$1"
exit 1
elif [[ "$1" == "root" ]]; then
printf >&2 '\e[1;31merror: refusing to delete `root`, aborting activation\e[0m\n'
exit 1
fi
ensurePerms "$1" delete
}
${concatMapStringsSep "\n" (v: let ${concatMapStringsSep "\n" (v: let
name = lib.escapeShellArg v.name; name = lib.escapeShellArg v.name;
dsclUser = lib.escapeShellArg "/Users/${v.name}"; dsclUser = lib.escapeShellArg "/Users/${v.name}";
in '' in ''
${optionalString cfg.forceRecreate ''
u=$(id -u ${name} 2> /dev/null) || true
if [[ "$u" -eq ${toString v.uid} ]]; then
# TODO: add `darwin.primaryUser` as well
if [[ ${name} != "$USER" && ${name} != "root" ]]; then
ensureDeletable ${name}
fi
fi
''}
u=$(id -u ${name} 2> /dev/null) || true u=$(id -u ${name} 2> /dev/null) || true
if ! [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then if ! [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then
if [ -z "$u" ]; then if [ -z "$u" ]; then
@ -203,11 +178,22 @@ in
fi fi
'') createdUsers} '') createdUsers}
${concatMapStringsSep "\n" (name: '' ${concatMapStringsSep "\n" (v: let
u=$(id -u ${lib.escapeShellArg name} 2> /dev/null) || true name = lib.escapeShellArg v;
in ''
u=$(id -u ${name} 2> /dev/null) || true
if [ -n "$u" ]; then if [ -n "$u" ]; then
if [ "$u" -gt 501 ]; then if [ "$u" -gt 501 ]; then
ensureDeletable ${lib.escapeShellArg name} # TODO: add `darwin.primaryUser` as well
if [[ ${name} == "$USER" ]]; then
printf >&2 '\e[1;31merror: refusing to delete the user calling `darwin-rebuild` (%s), aborting activation\e[0m\n', ${name}
exit 1
elif [[ ${name} == "root" ]]; then
printf >&2 '\e[1;31merror: refusing to delete `root`, aborting activation\e[0m\n'
exit 1
fi
ensurePerms ${name} delete
fi fi
fi fi
'') deletedUsers} '') deletedUsers}
@ -219,17 +205,6 @@ in
${concatMapStringsSep "\n" (v: let ${concatMapStringsSep "\n" (v: let
dsclGroup = lib.escapeShellArg "/Groups/${v.name}"; dsclGroup = lib.escapeShellArg "/Groups/${v.name}";
in '' in ''
${optionalString cfg.forceRecreate ''
g=$(dscl . -read ${dsclGroup} PrimaryGroupID 2> /dev/null) || true
g=''${g#PrimaryGroupID: }
if [[ "$g" -eq ${toString v.gid} ]]; then
echo "deleting group ${v.name}..." >&2
dscl . -delete ${dsclGroup}
else
echo "warning: existing group '${v.name}' has unexpected gid $g, skipping..." >&2
fi
''}
g=$(dscl . -read ${dsclGroup} PrimaryGroupID 2> /dev/null) || true g=$(dscl . -read ${dsclGroup} PrimaryGroupID 2> /dev/null) || true
g=''${g#PrimaryGroupID: } g=''${g#PrimaryGroupID: }
if [ -z "$g" ]; then if [ -z "$g" ]; then
@ -273,23 +248,6 @@ in
name = lib.escapeShellArg v.name; name = lib.escapeShellArg v.name;
dsclUser = lib.escapeShellArg "/Users/${v.name}"; dsclUser = lib.escapeShellArg "/Users/${v.name}";
in '' in ''
${optionalString cfg.forceRecreate ''
u=$(id -u ${name} 2> /dev/null) || true
if [[ "$u" -eq ${toString v.uid} ]]; then
# TODO: add `darwin.primaryUser` as well
if [[ ${name} == "$SUDO_USER" ]]; then
printf >&2 'warning: not going to recreate the user calling `darwin-rebuild` (%s), skipping...\n' "$SUDO_USER"
elif [[ ${name} == "root" ]]; then
printf >&2 'warning: not going to recreate root, skipping...\n'
else
printf >&2 'deleting user ${v.name}...\n'
dscl . -delete ${dsclUser}
fi
else
echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2
fi
''}
u=$(id -u ${name} 2> /dev/null) || true u=$(id -u ${name} 2> /dev/null) || true
if [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then if [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then
echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2 echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2