diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2007-06-08 15:41:12 +0000 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2007-06-08 15:41:12 +0000 |
| commit | 29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1 (patch) | |
| tree | 43abf8ab97240390119e309eeefdc3e6801d4934 /system/ids.nix | |
| parent | 566c723986402cf6857838b4c1796ad2c22a1687 (diff) | |
| download | nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.gz nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.bz2 nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.lz nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.xz nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.zst nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.zip | |
* Declarative specification of user accounts. Jobs can now specify a
list of user accounts that the job needs to run. For instance, the
SSH daemon job says:
{ name = "sshd";
uid = (import ../system/ids.nix).uids.sshd;
description = "SSH privilege separation user";
home = "/var/empty";
}
The activation script creates the system users/groups and updates
them as well. So a change in the Nix expression can be realised in
/etc/{group,passwd} by running nixos-rebuild.
svn path=/nixos/trunk/; revision=8846
Diffstat (limited to 'system/ids.nix')
| -rw-r--r-- | system/ids.nix | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/system/ids.nix b/system/ids.nix new file mode 100644 index 00000000000..08b387feabe --- /dev/null +++ b/system/ids.nix @@ -0,0 +1,21 @@ +{ + + uids = { + root = 0; + nscd = 1; + sshd = 2; + ntp = 3; + messagebus = 4; # D-Bus + haldaemon = 5; + nixbld = 30000; # start of range of uids + nobody = 65534; + }; + + gids = { + root = 0; + users = 100; + nixbld = 30000; + nogroup = 65534; + }; + +} |