Nice, I planned to do this as part of NixOS/rfcs#52. This should be backwards compatible as I check recently. Currently there is a limit of 100 dynamic system users, but #65698 will increase this, so this shouldn't be a problem.

@infinisil Yes, it seems like switch-to-configuration prints a warning but doesn't change UIDs of existing users. Also, as this only modifys 47 users, I doubt this PR will be the cause of UID exhaustion ;)

Okay, I stand corrected. 100 is probably not enough. Looks like #65698 should be merged first

Well the system uid range isn't only for nixpkgs. People could define lots of services outside of nixpkgs. And 100 services being enabled over the lifetime of a system doesn't seem far fetched. So I'd like the PR for increasing this limit be merged first. Should be quick after the RFC is accepted, which will be in less than a week.

@asymmetric Unfortunately, the command is not in my shell history anymore. I was able to reproduce it, so this one is pretty similar: grep -R users.users nixos/modules -l | xargs grep -L isSystemUser | xargs grep -L 'uid *=' | xargs -o -n 1 vim
It still requires a lot of manual work in vim, but that takes less than 10 minutes.

Idk about the PR prefix, maybe someone with more experience can help me out here

So the new policy would be: Every service should use either isSystemUser or DynamicUser?
Is this documented in the manual? I couldn't see it at a glance (quick grep).

I mentioned in the RFC that something like this should be added to the manual, haven't done that yet