diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index 8b8f6bd909e..7daab98f7be 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -55,13 +55,27 @@ let type = with types; nullOr int; default = null; description = '' - The account UID. If the mutableUsers option + The account UID. If the option is false, the UID cannot be null. Otherwise, the UID might be null, in which case a free UID is picked on activation (by the useradd command). ''; }; + isSystemUser = mkOption { + type = types.bool; + default = false; + description = '' + Indicates if the user is a system user or not. This option + only has an effect if is + true and is + , in which case it determines whether + the user's UID is allocated in the range for system users + (below 500) or in the range for normal users (starting at + 1000). + ''; + }; + group = mkOption { type = types.str; default = "nogroup"; @@ -459,17 +473,16 @@ in { ''; groupadd = n: g: '' if [ -z "$(getent group "${g.name}")" ]; then - echo "Adding group ${g.name}" ${pkgs.shadow}/sbin/groupadd "${g.name}" fi ''; useradd = n: u: '' if ! id "${u.name}" &>/dev/null; then - echo "Adding user ${u.name}" ${pkgs.shadow}/sbin/useradd \ -g "${u.group}" \ -s "${u.shell}" \ -d "${u.home}" \ + ${optionalString u.isSystemUser "--system"} \ "${u.name}" echo "${u.name}:x" | ${pkgs.shadow}/sbin/chpasswd -e fi