mirrors/nix-darwin
1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2024-12-14 11:57:34 +00:00
Code Activity

users: remove users.forceRecreate option

Browse source
This commit is contained in:
Michael Hoang 2024-10-28 01:05:16 +11:00
parent a15a3d9f1f
commit c908607e8a
1 changed files with 18 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

78
modules/users/default.nix
View file

@ -41,6 +41,10 @@ let
in
{
imports = [
(lib.mkRemovedOptionModule [ "users" "forceRecreate" ] "")
];
options = {
users.knownGroups = mkOption {
type = types.listOf types.str;
@ -85,13 +89,6 @@ in
type = types.attrsOf types.str;
default = {};
};
users.forceRecreate = mkOption {
internal = true;
type = types.bool;
default = false;
description = "Remove and recreate existing groups/users.";
};
};
config = {
@ -152,33 +149,11 @@ in
fi
}
ensureDeletable() {
# TODO: add `darwin.primaryUser` as well
if [[ "$1" == "$USER" ]]; then
printf >&2 '\e[1;31merror: refusing to delete the user calling `darwin-rebuild` (%s), aborting activation\e[0m\n', "$1"
exit 1
elif [[ "$1" == "root" ]]; then
printf >&2 '\e[1;31merror: refusing to delete `root`, aborting activation\e[0m\n'
exit 1
fi
ensurePerms "$1" delete
}
${concatMapStringsSep "\n" (v: let
name = lib.escapeShellArg v.name;
dsclUser = lib.escapeShellArg "/Users/${v.name}";
in ''
${optionalString cfg.forceRecreate ''
u=$(id -u ${name} 2> /dev/null) || true
if [[ "$u" -eq ${toString v.uid} ]]; then
# TODO: add `darwin.primaryUser` as well
if [[ ${name} != "$USER" && ${name} != "root" ]]; then
ensureDeletable ${name}
fi
fi
''}
u=$(id -u ${name} 2> /dev/null) || true
if ! [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then
if [ -z "$u" ]; then
@ -203,11 +178,22 @@ in
fi
'') createdUsers}
${concatMapStringsSep "\n" (name: ''
u=$(id -u ${lib.escapeShellArg name} 2> /dev/null) || true
${concatMapStringsSep "\n" (v: let
name = lib.escapeShellArg v;
in ''
u=$(id -u ${name} 2> /dev/null) || true
if [ -n "$u" ]; then
if [ "$u" -gt 501 ]; then
ensureDeletable ${lib.escapeShellArg name}
# TODO: add `darwin.primaryUser` as well
if [[ ${name} == "$USER" ]]; then
printf >&2 '\e[1;31merror: refusing to delete the user calling `darwin-rebuild` (%s), aborting activation\e[0m\n', ${name}
exit 1
elif [[ ${name} == "root" ]]; then
printf >&2 '\e[1;31merror: refusing to delete `root`, aborting activation\e[0m\n'
exit 1
fi
ensurePerms ${name} delete
fi
fi
'') deletedUsers}
@ -219,17 +205,6 @@ in
${concatMapStringsSep "\n" (v: let
dsclGroup = lib.escapeShellArg "/Groups/${v.name}";
in ''
${optionalString cfg.forceRecreate ''
g=$(dscl . -read ${dsclGroup} PrimaryGroupID 2> /dev/null) || true
g=''${g#PrimaryGroupID: }
if [[ "$g" -eq ${toString v.gid} ]]; then
echo "deleting group ${v.name}..." >&2
dscl . -delete ${dsclGroup}
else
echo "warning: existing group '${v.name}' has unexpected gid $g, skipping..." >&2
fi
''}
g=$(dscl . -read ${dsclGroup} PrimaryGroupID 2> /dev/null) || true
g=''${g#PrimaryGroupID: }
if [ -z "$g" ]; then
@ -273,23 +248,6 @@ in
name = lib.escapeShellArg v.name;
dsclUser = lib.escapeShellArg "/Users/${v.name}";
in ''
${optionalString cfg.forceRecreate ''
u=$(id -u ${name} 2> /dev/null) || true
if [[ "$u" -eq ${toString v.uid} ]]; then
# TODO: add `darwin.primaryUser` as well
if [[ ${name} == "$SUDO_USER" ]]; then
printf >&2 'warning: not going to recreate the user calling `darwin-rebuild` (%s), skipping...\n' "$SUDO_USER"
elif [[ ${name} == "root" ]]; then
printf >&2 'warning: not going to recreate root, skipping...\n'
else
printf >&2 'deleting user ${v.name}...\n'
dscl . -delete ${dsclUser}
fi
else
echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2
fi
''}
u=$(id -u ${name} 2> /dev/null) || true
if [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then
echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2