| author | Michael Hoang <enzime@users.noreply.github.com> | 2024-10-25 01:16:19 +1100 |
|---|---|---|
| committer | Michael Hoang <enzime@users.noreply.github.com> | 2024-10-27 21:52:41 +1100 |
| commit | dc6f754fe5d3b0d1ee6b033495c87ec3199a7f68 (patch) | |
| tree | 02108e6de8592ac232f8baff757c8c0255fb0337 /modules/users | |
| parent | 3712ff78ccacd65c819435a310fe8b1a8a2de2ee (diff) | |
users: allow `shell` to be managed by macOS
Diffstat (limited to 'modules/users')
| -rw-r--r-- | modules/users/default.nix | 4 | ||||
| -rw-r--r-- | modules/users/user.nix | 13 |
2 files changed, 12 insertions, 5 deletions
diff --git a/modules/users/default.nix b/modules/users/default.nix
index 0b2ffd9..aee8fec 100644
--- a/modules/users/default.nix
+++ b/modules/users/default.nix
@@ -242,7 +242,7 @@ in
 "-GID" v.gid ]
 ++ (lib.optionals (v.description != null) [ "-fullName" v.description ])
 ++ (lib.optionals (v.home != null) [ "-home" v.home ])
- ++ [ "-shell" (shellPath v.shell) ])} 2> /dev/null
+ ++ [ "-shell" (if v.shell != null then shellPath v.shell else "/usr/bin/false") ])} 2> /dev/null
 # We need to check as `sysadminctl -addUser` still exits with exit code 0 when there's an error
 if ! id ${name} &> /dev/null; then
@@ -260,7 +260,7 @@ in
 # Update properties on known users to keep them inline with configuration
 dscl . -create ${dsclUser} PrimaryGroupID ${toString v.gid}
 ${optionalString (v.description != null) "dscl . -create ${dsclUser} RealName ${lib.escapeShellArg v.description}"}
- dscl . -create ${dsclUser} UserShell ${lib.escapeShellArg (shellPath v.shell)}
+ ${optionalString (v.shell != null) "dscl . -create ${dsclUser} UserShell ${lib.escapeShellArg (shellPath v.shell)}"}
 fi
 '') createdUsers}
diff --git a/modules/users/user.nix b/modules/users/user.nix
index 281b7e6..72ae07b 100644
--- a/modules/users/user.nix
+++ b/modules/users/user.nix
@@ -73,10 +73,17 @@
 };
 shell = mkOption {
- type = types.either types.shellPackage types.path;
- default = "/usr/bin/false";
+ type = types.nullOr (types.either types.shellPackage types.path);
+ default = null;
 example = literalExpression "pkgs.bashInteractive";
- description = "The user's shell.";
+ description = ''
+ The user's shell. This defaults to `null`.
+
+ When this is set to `null`, if the user has not been created yet,
+ they will be created with the shell `/usr/bin/false` to prevent
+ interactive login. If the user already exists, the value is
+ considered managed by macOS and `nix-darwin` will not change it.
+ '';
 };
 packages = mkOption { |
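Review bot: The `else "/usr/bin/false"` fallback on the `-shell` argument has no comment explaining why account creation forces a non-login shell while the update path in the second hunk leaves an unset shell untouched, and the same literal is repeated in the option description in user.nix. A comment directly above the line, such as `# shell unset: create the account non-interactive; macOS owns the shell afterwards`, would make that asymmetry visible at the point where it is enforced. The argument list this line extends starts outside the hunk, so the surrounding call is inferred from the `sysadminctl -addUser` comment below it.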
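Review bot: Accounts declared without `shell` previously had `UserShell` rewritten to `/usr/bin/false` whenever this update branch ran, because that was the option default. With the `optionalString (v.shell != null)` guard here and the new `null` default in user.nix (third hunk), a shell changed out of band on such an account is no longer reverted. For service-style accounts that relied on the implicit default, this relaxes a login restriction without any change to the user's configuration. The option description should say how to keep it, for example by adding `To keep enforcing a non-login shell on an existing user, set this to "/usr/bin/false" explicitly.` The enclosing `if`/`fi` branch starts outside the hunk, so when it runs is inferred from the context comment.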
