Merge pull request #89951 from KoviRobi/nixos-user-name-not-attr-name
nixos/users-groups: Use user name not attribute name for /etc/profiles/…
This commit is contained in:
commit
e2080b39e6
@ -593,8 +593,8 @@ in {
|
||||
# password or an SSH authorized key. Privileged accounts are
|
||||
# root and users in the wheel group.
|
||||
assertion = !cfg.mutableUsers ->
|
||||
any id ((mapAttrsToList (name: cfg:
|
||||
(name == "root"
|
||||
any id ((mapAttrsToList (_: cfg:
|
||||
(cfg.name == "root"
|
||||
|| cfg.group == "wheel"
|
||||
|| elem "wheel" cfg.extraGroups)
|
||||
&&
|
||||
@ -615,16 +615,16 @@ in {
|
||||
assertion = (user.hashedPassword != null)
|
||||
-> (builtins.match ".*:.*" user.hashedPassword == null);
|
||||
message = ''
|
||||
The password hash of user "${name}" contains a ":" character.
|
||||
The password hash of user "${user.name}" contains a ":" character.
|
||||
This is invalid and would break the login system because the fields
|
||||
of /etc/shadow (file where hashes are stored) are colon-separated.
|
||||
Please check the value of option `users.users."${name}".hashedPassword`.'';
|
||||
Please check the value of option `users.users."${user.name}".hashedPassword`.'';
|
||||
}
|
||||
);
|
||||
|
||||
warnings =
|
||||
builtins.filter (x: x != null) (
|
||||
flip mapAttrsToList cfg.users (name: user:
|
||||
flip mapAttrsToList cfg.users (_: user:
|
||||
# This regex matches a subset of the Modular Crypto Format (MCF)[1]
|
||||
# informal standard. Since this depends largely on the OS or the
|
||||
# specific implementation of crypt(3) we only support the (sane)
|
||||
@ -647,9 +647,9 @@ in {
|
||||
&& user.hashedPassword != "" # login without password
|
||||
&& builtins.match mcf user.hashedPassword == null)
|
||||
then ''
|
||||
The password hash of user "${name}" may be invalid. You must set a
|
||||
The password hash of user "${user.name}" may be invalid. You must set a
|
||||
valid hash or the user will be locked out of their account. Please
|
||||
check the value of option `users.users."${name}".hashedPassword`.''
|
||||
check the value of option `users.users."${user.name}".hashedPassword`.''
|
||||
else null
|
||||
));
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user