users-groups: add skel support via environment.etc.skel #78648
Conversation
ofborg
bot
added
6.topic: nixos
|
I recall having to do some funny interesting things without skel in NixOS But I'm not sure how I feel about it being here. I don't see much of managing anything in the users homedir in NixOS. I'm wondering why it was never included in the first place. |
The other PR #41858 was rejected because nixOS shouldn't manage the homedir. Note that the backbone of the idea for that PR was what home-manager does today. This PR is entirely different and adds a way to initialize the homedir once and then leave it be, so no managing, making it more similar to |
|
cc @grahamc who has opinions on this sort of thing |
|
|
||
| nodes = { | ||
| machine = { config, lib, pkgs, ... }: { | ||
| users.users.testuser = { |
There was a problem hiding this comment.
shouldn't copySkel be set?
There was a problem hiding this comment.
It's implict if createHome is set, but I think it should be implicitly set if createHome && isNormalUser
This tries to replicate the behaviour of the adduser command which automatically copies skel unless otherwise specified AFAIK
|
Would it be possible to get this to use /etc/skel? For instance, I might have some configuration like: And would like it to work equally well with "immutableUsers" and useradd and pam_mkhomedir. |
|
@matthewbauer Yes, the trouble is just resolving the links and then copying just the contents (does cp have an option for that?). Would it be enough to just use |
|
@matthewbauer I've implemented it to use /etc/skel now (from system.build.etc) |
mkg20001
changed the title
|
Everything else seems fine to me. |
| machine.wait_for_unit("default.target") | ||
| machine.succeed("test -d /home/testuser/new-directory") | ||
| machine.succeed("test -f /home/testuser/new-file") |
There was a problem hiding this comment.
How about a test asserting that the testuser can delete these things?
|
Why do we need |
|
BTW uncommon abbreviations like "skel" should be avoided in favour of "skeleton" or "template" or whatever. |
I think it would be a good idea to have an improved feature, but I think the scope of the PR was to be
I think the abbreviation is what it's widely referred to http://www.linfo.org/etc_skel.html. |
I don't think we need |
I see, I think that sounds reasonable. And your edit for a per-user option intrigues me. |
There was a problem hiding this comment.
This should work as is, but I retract my approval because @edolstra actually raised some good points, and I'd actually enjoy this feature more with them.
|
@edolstra I believe the scope of your request is to make it more declarative, but still just for initialization of a user's home directory with |
|
@edolstra After a talk with @worldofpeace we realized #41858 seems more like you want this PR to be. But there's already home-manager's What do you think? |
|
Yeah, #41858 (or home-manager) seems like a better fit. The issue with |
|
It may be worth mentioning that the following actually works : users.users.<user>.createHome = false;
security.pam.services.login.makeHomeDir = true;
security.pam.services.sddm.makeHomeDir = true;
security.pam.makeHomeDir.skelDirectory = "${./user-skeleton}";This enables users to create NixOS live media without a |
|
Don't see any chance of this getting merged, so see ya downstream fellas |
Motivation for this change
For projects like https://github.com/mercode-org/meros-nix it makes sense to have the ability to customize a few things here and there. Since /etc/skel is available everywhere else, why not on nixOS?
This adds multiple options:
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)