diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix
index 8b8f6bd909e..7daab98f7be 100644
--- a/nixos/modules/config/users-groups.nix
+++ b/nixos/modules/config/users-groups.nix
@@ -55,13 +55,27 @@ let
type = with types; nullOr int;
default = null;
description = ''
- The account UID. If the mutableUsers option
+ The account UID. If the option
is false, the UID cannot be null. Otherwise, the UID might be
null, in which case a free UID is picked on activation (by the
useradd command).
'';
};
+ isSystemUser = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Indicates if the user is a system user or not. This option
+ only has an effect if is
+ true and is
+ , in which case it determines whether
+ the user's UID is allocated in the range for system users
+ (below 500) or in the range for normal users (starting at
+ 1000).
+ '';
+ };
+
group = mkOption {
type = types.str;
default = "nogroup";
@@ -459,17 +473,16 @@ in {
'';
groupadd = n: g: ''
if [ -z "$(getent group "${g.name}")" ]; then
- echo "Adding group ${g.name}"
${pkgs.shadow}/sbin/groupadd "${g.name}"
fi
'';
useradd = n: u: ''
if ! id "${u.name}" &>/dev/null; then
- echo "Adding user ${u.name}"
${pkgs.shadow}/sbin/useradd \
-g "${u.group}" \
-s "${u.shell}" \
-d "${u.home}" \
+ ${optionalString u.isSystemUser "--system"} \
"${u.name}"
echo "${u.name}:x" | ${pkgs.shadow}/sbin/chpasswd -e
fi