nixos/users-groups: Use user name not attribute name for /etc/profiles/...

This cropped up, because I have a set-up where my work username is
different to my home desktop username, and I am using a parameterized
config for both, so I have something akin to

    config.users.users.default-user = ...;

and using

    config.users.users.default-user.{name, home}

in certain places to cope with this. Noticed my home-manager bought in
packages (which use the users.users.<name>.packages hence NixOS issue
not home-manager) weren't present.
This commit is contained in:
Kovacsics Robert 2020-06-09 17:22:05 +01:00
parent 0c98cef613
commit af4adb1dd2

View File

@ -593,8 +593,8 @@ in {
# password or an SSH authorized key. Privileged accounts are
# root and users in the wheel group.
assertion = !cfg.mutableUsers ->
any id ((mapAttrsToList (name: cfg:
(name == "root"
any id ((mapAttrsToList (_: cfg:
(cfg.name == "root"
|| cfg.group == "wheel"
|| elem "wheel" cfg.extraGroups)
&&
@ -615,16 +615,16 @@ in {
assertion = (user.hashedPassword != null)
-> (builtins.match ".*:.*" user.hashedPassword == null);
message = ''
The password hash of user "${name}" contains a ":" character.
The password hash of user "${user.name}" contains a ":" character.
This is invalid and would break the login system because the fields
of /etc/shadow (file where hashes are stored) are colon-separated.
Please check the value of option `users.users."${name}".hashedPassword`.'';
Please check the value of option `users.users."${user.name}".hashedPassword`.'';
}
);
warnings =
builtins.filter (x: x != null) (
flip mapAttrsToList cfg.users (name: user:
flip mapAttrsToList cfg.users (_: user:
# This regex matches a subset of the Modular Crypto Format (MCF)[1]
# informal standard. Since this depends largely on the OS or the
# specific implementation of crypt(3) we only support the (sane)
@ -647,9 +647,9 @@ in {
&& user.hashedPassword != "" # login without password
&& builtins.match mcf user.hashedPassword == null)
then ''
The password hash of user "${name}" may be invalid. You must set a
The password hash of user "${user.name}" may be invalid. You must set a
valid hash or the user will be locked out of their account. Please
check the value of option `users.users."${name}".hashedPassword`.''
check the value of option `users.users."${user.name}".hashedPassword`.''
else null
));