diff options
author | Vladimir Pouzanov <farcaller@gmail.com> | 2023-03-31 19:10:19 +0000 |
---|---|---|
committer | Raito Bezarius <masterancpp@gmail.com> | 2023-09-27 18:49:06 +0200 |
commit | 093f354a1777e462bd80398c4fc624c4d383dc68 (patch) | |
tree | 99c7baf7df656f8ab3db42fd880f3d1cac3b7a56 /nixos/modules/config | |
parent | bfbbf80015b33600c0cf9641d280febef9f4f006 (diff) | |
download | nixpkgs-093f354a1777e462bd80398c4fc624c4d383dc68.tar nixpkgs-093f354a1777e462bd80398c4fc624c4d383dc68.tar.gz nixpkgs-093f354a1777e462bd80398c4fc624c4d383dc68.tar.bz2 nixpkgs-093f354a1777e462bd80398c4fc624c4d383dc68.tar.lz nixpkgs-093f354a1777e462bd80398c4fc624c4d383dc68.tar.xz nixpkgs-093f354a1777e462bd80398c4fc624c4d383dc68.tar.zst nixpkgs-093f354a1777e462bd80398c4fc624c4d383dc68.zip |
nixos/users-groups: escape hatch for enabling a shell system-wide
Diffstat (limited to 'nixos/modules/config')
-rw-r--r-- | nixos/modules/config/users-groups.nix | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index 785084209b0..0f7209ef9ea 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -172,6 +172,17 @@ let ''; }; + ignoreShellProgramCheck = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + By default, nixos will check that programs.SHELL.enable is set to + true if the user has a custom shell specified. If that behavior isn't + required and there are custom overrides in place to make sure that the + shell is functional, set this to true. + ''; + }; + subUidRanges = mkOption { type = with types; listOf (submodule subordinateUidRange); default = []; @@ -810,13 +821,17 @@ in { ''; } ] ++ (map (shell: { - assertion = (user.shell == pkgs.${shell}) -> (config.programs.${shell}.enable == true); + assertion = !user.ignoreShellProgramCheck -> (user.shell == pkgs.${shell}) -> (config.programs.${shell}.enable == true); message = '' users.users.${user.name}.shell is set to ${shell}, but programs.${shell}.enable is not true. This will cause the ${shell} shell to lack the basic nix directories in its PATH and might make logging in as that user impossible. You can fix it with: programs.${shell}.enable = true; + + If you know what you're doing and you are fine with the behavior, + set users.users.${user.name}.ignoreShellProgramCheck = true; + instead. ''; }) [ "fish" |