diff options
author | Cole Helbling <cole.e.helbling@outlook.com> | 2020-09-24 13:28:52 -0700 |
---|---|---|
committer | Cole Helbling <cole.e.helbling@outlook.com> | 2020-09-25 09:38:35 -0700 |
commit | 937359fcf1e4b6ed826aba34179ab714377546da (patch) | |
tree | 245f7d9cff1936a986e0e9c85635be6e264db598 /nixos/modules/config | |
parent | d6d1c121e128c648abd393b98cb9629f161ad716 (diff) | |
download | nixpkgs-937359fcf1e4b6ed826aba34179ab714377546da.tar nixpkgs-937359fcf1e4b6ed826aba34179ab714377546da.tar.gz nixpkgs-937359fcf1e4b6ed826aba34179ab714377546da.tar.bz2 nixpkgs-937359fcf1e4b6ed826aba34179ab714377546da.tar.lz nixpkgs-937359fcf1e4b6ed826aba34179ab714377546da.tar.xz nixpkgs-937359fcf1e4b6ed826aba34179ab714377546da.tar.zst nixpkgs-937359fcf1e4b6ed826aba34179ab714377546da.zip |
nixos/update-users-groups: /etc/shadow owned by root:shadow
Diffstat (limited to 'nixos/modules/config')
-rw-r--r-- | nixos/modules/config/update-users-groups.pl | 6 | ||||
-rw-r--r-- | nixos/modules/config/users-groups.nix | 1 |
2 files changed, 7 insertions, 0 deletions
diff --git a/nixos/modules/config/update-users-groups.pl b/nixos/modules/config/update-users-groups.pl index e1c7a46e430..e220aa61090 100644 --- a/nixos/modules/config/update-users-groups.pl +++ b/nixos/modules/config/update-users-groups.pl @@ -281,6 +281,12 @@ foreach my $u (values %usersOut) { } updateFile("/etc/shadow", \@shadowNew, 0600); +{ + my $uid = getpwnam "root"; + my $gid = getgrnam "shadow"; + my $path = "/etc/shadow"; + chown($uid, $gid, $path) || die "Failed to change ownership of $path: $!"; +} # Rewrite /etc/subuid & /etc/subgid to include default container mappings diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index 0ab303d0ae4..1bb1317a8e8 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -537,6 +537,7 @@ in { input.gid = ids.gids.input; kvm.gid = ids.gids.kvm; render.gid = ids.gids.render; + shadow.gid = ids.gids.shadow; }; system.activationScripts.users = stringAfter [ "stdio" ] |