diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2007-06-08 15:41:12 +0000 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2007-06-08 15:41:12 +0000 |
commit | 29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1 (patch) | |
tree | 43abf8ab97240390119e309eeefdc3e6801d4934 /system/ids.nix | |
parent | 566c723986402cf6857838b4c1796ad2c22a1687 (diff) | |
download | nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.gz nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.bz2 nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.lz nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.xz nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.tar.zst nixpkgs-29c5178bdfb2b851f2a19a62d95c93a2dfec7ed1.zip |
* Declarative specification of user accounts. Jobs can now specify a
list of user accounts that the job needs to run. For instance, the SSH daemon job says: { name = "sshd"; uid = (import ../system/ids.nix).uids.sshd; description = "SSH privilege separation user"; home = "/var/empty"; } The activation script creates the system users/groups and updates them as well. So a change in the Nix expression can be realised in /etc/{group,passwd} by running nixos-rebuild. svn path=/nixos/trunk/; revision=8846
Diffstat (limited to 'system/ids.nix')
-rw-r--r-- | system/ids.nix | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/system/ids.nix b/system/ids.nix new file mode 100644 index 00000000000..08b387feabe --- /dev/null +++ b/system/ids.nix @@ -0,0 +1,21 @@ +{ + + uids = { + root = 0; + nscd = 1; + sshd = 2; + ntp = 3; + messagebus = 4; # D-Bus + haldaemon = 5; + nixbld = 30000; # start of range of uids + nobody = 65534; + }; + + gids = { + root = 0; + users = 100; + nixbld = 30000; + nogroup = 65534; + }; + +} |