Merge pull request #188 from kuruczgy/add-var-lib-nixos-assertion

nixos: Add assertion for persisting UIDs/GIDs
Kim Lindberger 2024-08-19 22:11:47 +02:00 committed by GitHub
commit 9de98e038a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -682,6 +682,9 @@ in
homeDirOffenders =
filterAttrs
(n: v: (v.home != config.users.users.${n}.home));
usersWithoutUid = attrNames (filterAttrs (n: u: u.uid == null) config.users.users);
groupsWithoutGid = attrNames (filterAttrs (n: g: g.gid == null) config.users.groups);
varLibNixosPersisted = elem "/var/lib/nixos" (catAttrs "dirPath" directories);
in
[
{
@ -753,6 +756,18 @@ in
${concatStringsSep "\n " offenders}
'';
}
{
assertion = varLibNixosPersisted || (usersWithoutUid == [ ] && groupsWithoutGid == [ ]);
message = ''
environment.persistence:
Either "/var/lib/nixos" has to be persisted, or all users and
groups must have a uid/gid specified. The following users are
missing a uid:
${concatStringsSep "\n " usersWithoutUid}
The following groups are missing a gid:
${concatStringsSep "\n " groupsWithoutGid}
'';
}
];
};
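Review bot: `varLibNixosPersisted` in the first hunk is an exact string match, so a configuration that persists a parent such as `/var/lib` or `/var` (which also keeps the UID/GID allocation state) will still trip the new assertion; a `dirPath` with a trailing slash may do the same if paths are not normalised before this point, which is not visible here. Consider matching ancestors as well, for example `varLibNixosPersisted = lib.any (p: p == "/var/lib/nixos" || lib.hasPrefix "${p}/" "/var/lib/nixos") (catAttrs "dirPath" directories);`, assuming `lib` is in scope in this file. A short comment above the new assertion would also record why it exists: `# Auto-allocated UIDs/GIDs are recorded under /var/lib/nixos; if that state is lost, ids can be reassigned and persisted files end up owned by a different account.` The enclosing `let` block and the assertion list both start outside the hunks shown.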