nixos/display-manager: Support configurable hidden users
This commit is contained in:
William A. Kennington III
parent
66bfdf6eb0
commit
4940e643cc
@ -20,6 +20,8 @@ let
|
|||||||
extraGroups = [ "nixbld" ];
|
extraGroups = [ "nixbld" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixbldUsers = map makeNixBuildUser (range 1 cfg.nrBuildUsers);
|
||||||
|
|
||||||
nixConf =
|
nixConf =
|
||||||
let
|
let
|
||||||
# If we're using a chroot for builds, then provide /bin/sh in
|
# If we're using a chroot for builds, then provide /bin/sh in
|
||||||
@ -357,7 +359,9 @@ in
|
|||||||
|
|
||||||
nix.nrBuildUsers = mkDefault (lib.max 10 cfg.maxJobs);
|
nix.nrBuildUsers = mkDefault (lib.max 10 cfg.maxJobs);
|
||||||
|
|
||||||
users.extraUsers = map makeNixBuildUser (range 1 cfg.nrBuildUsers);
|
users.extraUsers = nixbldUsers;
|
||||||
|
|
||||||
|
services.xserver.displayManager.hiddenUsers = map ({ name, ... }: name) nixbldUsers;
|
||||||
|
|
||||||
system.activationScripts.nix = stringAfter [ "etc" "users" ]
|
system.activationScripts.nix = stringAfter [ "etc" "users" ]
|
||||||
''
|
''
|
||||||
|
|||||||
@ -208,6 +208,14 @@ in
|
|||||||
description = "Shell commands executed just before the window or desktop manager is started.";
|
description = "Shell commands executed just before the window or desktop manager is started.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
hiddenUsers = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
default = [ "nobody" ];
|
||||||
|
description = ''
|
||||||
|
A list of users which will not be shown in the display manager.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
desktopManagerHandlesLidAndPower = mkOption {
|
desktopManagerHandlesLidAndPower = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = true;
|
default = true;
|
||||||
|
|||||||
@ -38,7 +38,7 @@ let
|
|||||||
''}
|
''}
|
||||||
|
|
||||||
[X-*-Greeter]
|
[X-*-Greeter]
|
||||||
HiddenUsers=root,nixbld1,nixbld2,nixbld3,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9,nixbld10
|
HiddenUsers=root,${concatStringsSep "," dmcfg.hiddenUsers}
|
||||||
PluginsLogin=${kdebase_workspace}/lib/kde4/kgreet_classic.so
|
PluginsLogin=${kdebase_workspace}/lib/kde4/kgreet_classic.so
|
||||||
${optionalString (cfg.themeDirectory != null)
|
${optionalString (cfg.themeDirectory != null)
|
||||||
''
|
''
|
||||||
|
|||||||
@ -50,6 +50,16 @@ let
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
hiddenUsers = config.services.xserver.displayManager.hiddenUsers;
|
||||||
|
|
||||||
|
usersConf = writeText "users.conf"
|
||||||
|
''
|
||||||
|
[UserList]
|
||||||
|
minimum-uid=500
|
||||||
|
hidden-users=${concatStringsSep " " hiddenUsers}
|
||||||
|
hidden-shells=/run/current-system/sw/sbin/nologin
|
||||||
|
'';
|
||||||
|
|
||||||
lightdmConf = writeText "lightdm.conf"
|
lightdmConf = writeText "lightdm.conf"
|
||||||
''
|
''
|
||||||
[LightDM]
|
[LightDM]
|
||||||
@ -84,6 +94,7 @@ in
|
|||||||
package = wrappedGtkGreeter;
|
package = wrappedGtkGreeter;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -102,6 +113,7 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
environment.etc."lightdm/lightdm.conf".source = lightdmConf;
|
environment.etc."lightdm/lightdm.conf".source = lightdmConf;
|
||||||
|
environment.etc."lightdm/users.conf".source = usersConf;
|
||||||
|
|
||||||
services.dbus.enable = true;
|
services.dbus.enable = true;
|
||||||
services.dbus.packages = [ lightdm ];
|
services.dbus.packages = [ lightdm ];
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user