From c9af5c2d1394d1bc34f4722998bcd51714ccd68c Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Thu, 24 Oct 2024 22:58:35 +1100 Subject: [PATCH] users: update properties on known users --- modules/users/default.nix | 5 ++++- tests/users-groups.nix | 13 ++++++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/modules/users/default.nix b/modules/users/default.nix index b636d6fe..f293f779 100644 --- a/modules/users/default.nix +++ b/modules/users/default.nix @@ -247,7 +247,10 @@ in dscl . -create ${dsclUser} IsHidden ${if v.isHidden then "1" else "0"} ${optionalString v.createHome "createhomedir -cu ${name}"} fi - # Always set the shell path, in case it was updated + + # Update properties on known users to keep them inline with configuration + dscl . -create ${dsclUser} PrimaryGroupID ${toString v.gid} + ${optionalString (v.description != null) "dscl . -create ${dsclUser} RealName ${lib.escapeShellArg v.description}"} dscl . -create ${dsclUser} UserShell ${lib.escapeShellArg (shellPath v.shell)} fi '') createdUsers} diff --git a/tests/users-groups.nix b/tests/users-groups.nix index fa6dcc30..d06eedd8 100644 --- a/tests/users-groups.nix +++ b/tests/users-groups.nix @@ -19,6 +19,8 @@ users.users.foo.shell = pkgs.bashInteractive; users.users."created.user".uid = 42001; + users.users."created.user".description = null; + users.users."unknown.user".uid = 42002; test = '' @@ -39,6 +41,7 @@ grep "dscl . -create ${lib.escapeShellArg "/Groups/created.group"} GroupMembership" ${config.out}/activate # checking unknown group in /activate + # checking groups not in knownGroups don't appear in /activate (! grep "dscl . -create ${lib.escapeShellArg "/Groups/unknown.group"}" ${config.out}/activate) (! grep "dscl . -delete ${lib.escapeShellArg "/Groups/unknown.group"}" ${config.out}/activate) @@ -50,15 +53,23 @@ (! grep "dscl . -delete ${lib.escapeShellArg "/Groups/created.user"}" ${config.out}/activate) # checking user properties always get updated in /activate + grep "dscl . -create ${lib.escapeShellArg "/Users/foo"} PrimaryGroupID 42000" ${config.out}/activate + grep "dscl . -create ${lib.escapeShellArg "/Users/foo"} RealName ${lib.escapeShellArg "Foo user"}" ${config.out}/activate + grep "createhomedir -cu ${lib.escapeShellArg "foo"}" ${config.out}/activate grep "dscl . -create ${lib.escapeShellArg "/Users/foo"} UserShell ${lib.escapeShellArg "/run/current-system/sw/bin/bash"}" ${config.out}/activate + grep "dscl . -create ${lib.escapeShellArg "/Users/foo"} IsHidden 0" ${config.out}/activate + + # checking user properties that are null don't get updated in /activate + (! grep "dscl . -create ${lib.escapeShellArg "/Users/created.user"} RealName" ${config.out}/activate) # checking user deletion in /activate grep "deleteUser ${lib.escapeShellArg "deleted.user"}" ${config.out}/activate (! grep "sysadminctl -addUser ${lib.escapeShellArg "deleted.user"}" ${config.out}/activate) - # checking unknown user in /activate + # checking that users not specified in knownUsers doesn't get changed in /activate (! grep "sysadminctl -addUser ${lib.escapeShellArg "unknown.user"}" ${config.out}/activate) (! grep "deleteUser ${lib.escapeShellArg "unknown.user"}" ${config.out}/activate) + (! grep "dscl . -create ${lib.escapeShellArg "/Users/unknown.user"}" ${config.out}/activate) set +v '';