The previous default behaviour when nix-darwin deletes users is that
their home directories are left intact, however as the `-keepHome` flag
for `sysadminctl -deleteUser` is broken, we'll need to switch back for
now.
`sysadminctl -deleteUser` will only prevent you from deleting the
current user if it's not the last admin and not the last secure token
user, otherwise it will happily oblige.
The upstream Nix UID/GID changes for Sequoia will require us to manage
a group with GID 350. That will require more work on our end to ensure
compatibility and a working migration path, but this is enough to
allow hacking around it locally in system configurations for now.
Properly detect the binary name (not just /nix/store/...-bash, but include the
.../bin/bash), and use the symlinked name which also appears in /etc/shells.
This process was automated by [my fork of `nix-doc-munge`]; thanks
to @pennae for writing this tool! It automatically checks that the
resulting documentation doesn't change, although my fork loosens
this a little to ignore some irrelevant whitespace and typographical
differences.
As of this commit there is no DocBook remaining in the options
documentation.
You can play along at home if you want to reproduce this commit:
$ NIX_PATH=nixpkgs=flake:nixpkgs/c1bca7fe84c646cfd4ebf3482c0e6317a0b13f22 \
nix shell nixpkgs#coreutils \
-c find . -name '*.nix' \
-exec nix run github:emilazy/nix-doc-munge/0a7190f600027bf7baf6cb7139e4d69ac2f51062 \
{} +
[my fork of `nix-doc-munge`]: https://github.com/emilazy/nix-doc-munge
According to some investigation creating "role" accounts avoids
migration problems when upgrading to certain macOS versions, so create
the build users to match that definition and remove the old ones if
present.
Role accounts require name starting with _ and UID in 200-400 range
Instead of a cryptic error during activation conflicting ids are now
caught during evaluation.
error: The option `users.uids.30001' has conflicting definitions
