* Move the configuration of the pwdutils (passwd, useradd etc.) to

modules/programs/pwdutils. * Renamed config.system.shell to config.users.defaultUserShell and updated the description to make clear it has to be a non-store path. svn path=/nixos/branches/modular-nixos/; revision=15761
2009-05-28 12:24:56 +00:00
parent dfe03fc7f9
commit ec55562ec3
9 changed files with 54 additions and 39 deletions
--- a/modules/programs/pwdutils/login.defs
+++ b/modules/programs/pwdutils/login.defs
@@ -0,0 +1,11 @@
+DEFAULT_HOME            yes
+
+SYSTEM_UID_MIN            100
+SYSTEM_UID_MAX            499
+UID_MIN                  1000
+UID_MAX                 29999
+
+SYSTEM_GID_MIN            100
+SYSTEM_GID_MAX            499
+GID_MIN                  1000
+GID_MAX                 29999
--- a/modules/programs/pwdutils/passwd.conf
+++ b/modules/programs/pwdutils/passwd.conf
@@ -0,0 +1,15 @@
+# Define default crypt hash
+# CRYPT={des,md5,blowfish}
+CRYPT=des
+
+# for local files, use a more secure hash. We
+# don't need to be portable here:
+CRYPT_FILES=blowfish
+
+# sometimes we need to specify special options for
+# a hash (variable is prepended by the name of the
+# crypt hash).
+BLOWFISH_CRYPT_FILES=10
+
+# For NIS, we should always use DES:
+CRYPT_YP=des
--- a/modules/programs/pwdutils/pwdutils.nix
+++ b/modules/programs/pwdutils/pwdutils.nix
@@ -0,0 +1,50 @@
+# Configuration for the pwdutils suite of tools: passwd, useradd, etc.
+
+{config, pkgs, ...}:
+
+let
+
+  options = {
+
+    users.defaultUserShell = pkgs.lib.mkOption {
+      default = "/var/run/current-system/sw/bin/bash";
+      description = ''
+        This option defined the default shell assigned to user
+        accounts.  This must not be a store path, since the path is
+        used outside the store (in particular in /etc/passwd).
+        Rather, it should be the path of a symlink that points to the
+        actual shell in the Nix store.
+      '';
+    };
+  
+  };
+
+in
+
+{
+  require = [options];
+
+  environment.etc =
+    [ { # /etc/login.defs: global configuration for pwdutils.  You
+        # cannot login without it! 
+        source = ./login.defs;
+        target = "login.defs";
+      } 
+
+      { # /etc/default/passwd: configuration for passwd and friends
+        # (e.g., hash algorithm for /etc/passwd).
+        source = ./passwd.conf;
+        target = "default/passwd";
+      }
+
+      { # /etc/default/useradd: configuration for useradd.
+        source = pkgs.writeText "useradd"
+          ''
+            GROUP=100
+            HOME=/home
+            SHELL=${config.users.defaultUserShell}
+          '';
+        target = "default/useradd";
+      }
+    ];
+}