Loading maintainers/maintainer-list.nix +1 −0 Original line number Diff line number Diff line Loading @@ -12193,6 +12193,7 @@ github = "alyssais"; githubId = 2768870; name = "Alyssa Ross"; matrix = "@qyliss:fairydust.space"; keys = [{ fingerprint = "7573 56D7 79BB B888 773E 415E 736C CDF9 EF51 BD97"; }]; Loading nixos/modules/config/update-users-groups.pl +6 −4 Original line number Diff line number Diff line Loading @@ -215,12 +215,14 @@ foreach my $u (@{$spec->{users}}) { } else { $u->{uid} = allocUid($name, $u->{isSystemUser}) if !defined $u->{uid}; if (!defined $u->{hashedPassword}) { if (defined $u->{initialPassword}) { $u->{hashedPassword} = hashPassword($u->{initialPassword}); } elsif (defined $u->{initialHashedPassword}) { $u->{hashedPassword} = $u->{initialHashedPassword}; } } } # Ensure home directory incl. ownership and permissions. if ($u->{createHome} and !$is_dry) { Loading nixos/modules/config/users-groups.nix +6 −0 Original line number Diff line number Diff line Loading @@ -273,6 +273,9 @@ let {command}`passwd` command. Otherwise, it's equivalent to setting the {option}`hashedPassword` option. Note that the {option}`hashedPassword` option will override this option if both are set. ${hashedPasswordDescription} ''; }; Loading @@ -291,6 +294,9 @@ let is world-readable in the Nix store, so it should only be used for guest accounts or passwords that will be changed promptly. Note that the {option}`password` option will override this option if both are set. ''; }; Loading nixos/tests/shadow.nix +23 −0 Original line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ let password4 = "asdf123"; hashed_bcrypt = "$2b$05$8xIEflrk2RxQtcVXbGIxs.Vl0x7dF1/JSv3cyX6JJt0npzkTCWvxK"; # fnord hashed_yeshash = "$y$j9T$d8Z4EAf8P1SvM/aDFbxMS0$VnTXMp/Hnc7QdCBEaLTq5ZFOAFo2/PM0/xEAFuOE88."; # fnord hashed_sha512crypt = "$6$ymzs8WINZ5wGwQcV$VC2S0cQiX8NVukOLymysTPn4v1zJoJp3NGyhnqyv/dAf4NWZsBWYveQcj6gEJr4ZUjRBRjM0Pj1L8TCQ8hUUp0"; # meow in import ./make-test-python.nix ({ pkgs, ... }: { name = "shadow"; meta = with pkgs.lib.maintainers; { maintainers = [ nequissimus ]; }; Loading Loading @@ -39,6 +40,12 @@ in import ./make-test-python.nix ({ pkgs, ... }: { hashedPassword = hashed_yeshash; shell = pkgs.bash; }; users.leo = { isNormalUser = true; initialHashedPassword = "!"; hashedPassword = hashed_sha512crypt; # should take precedence over initialHashedPassword shell = pkgs.bash; }; }; }; Loading Loading @@ -145,5 +152,21 @@ in import ./make-test-python.nix ({ pkgs, ... }: { print(shadow.succeed(f"cat /tmp/{u}")) assert u in shadow.succeed(f"cat /tmp/{u}") shadow.send_chars("logout\n") with subtest("Ensure hashedPassword does not get overridden by initialHashedPassword"): shadow.send_key("alt-f6") shadow.wait_until_succeeds("[ $(fgconsole) = 6 ]") shadow.wait_for_unit("getty@tty6.service") shadow.wait_until_succeeds("pgrep -f 'agetty.*tty6'") shadow.wait_until_tty_matches("6", "login: ") shadow.send_chars("leo\n") shadow.wait_until_tty_matches("6", "login: leo") shadow.wait_until_succeeds("pgrep login") shadow.sleep(2) shadow.send_chars("meow\n") shadow.send_chars("whoami > /tmp/leo\n") shadow.wait_for_file("/tmp/leo") assert "leo" in shadow.succeed("cat /tmp/leo") shadow.send_chars("logout\n") ''; }) nixos/tests/systemd-shutdown.nix +1 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ in { systemd.shutdownRamfs.contents."/etc/systemd/system-shutdown/shutdown-message".source = pkgs.writeShellScript "shutdown-message" '' echo "${msg}" ''; boot.initrd.systemd.enable = systemdStage1; }; testScript = '' Loading Loading
maintainers/maintainer-list.nix +1 −0 Original line number Diff line number Diff line Loading @@ -12193,6 +12193,7 @@ github = "alyssais"; githubId = 2768870; name = "Alyssa Ross"; matrix = "@qyliss:fairydust.space"; keys = [{ fingerprint = "7573 56D7 79BB B888 773E 415E 736C CDF9 EF51 BD97"; }]; Loading
nixos/modules/config/update-users-groups.pl +6 −4 Original line number Diff line number Diff line Loading @@ -215,12 +215,14 @@ foreach my $u (@{$spec->{users}}) { } else { $u->{uid} = allocUid($name, $u->{isSystemUser}) if !defined $u->{uid}; if (!defined $u->{hashedPassword}) { if (defined $u->{initialPassword}) { $u->{hashedPassword} = hashPassword($u->{initialPassword}); } elsif (defined $u->{initialHashedPassword}) { $u->{hashedPassword} = $u->{initialHashedPassword}; } } } # Ensure home directory incl. ownership and permissions. if ($u->{createHome} and !$is_dry) { Loading
nixos/modules/config/users-groups.nix +6 −0 Original line number Diff line number Diff line Loading @@ -273,6 +273,9 @@ let {command}`passwd` command. Otherwise, it's equivalent to setting the {option}`hashedPassword` option. Note that the {option}`hashedPassword` option will override this option if both are set. ${hashedPasswordDescription} ''; }; Loading @@ -291,6 +294,9 @@ let is world-readable in the Nix store, so it should only be used for guest accounts or passwords that will be changed promptly. Note that the {option}`password` option will override this option if both are set. ''; }; Loading
nixos/tests/shadow.nix +23 −0 Original line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ let password4 = "asdf123"; hashed_bcrypt = "$2b$05$8xIEflrk2RxQtcVXbGIxs.Vl0x7dF1/JSv3cyX6JJt0npzkTCWvxK"; # fnord hashed_yeshash = "$y$j9T$d8Z4EAf8P1SvM/aDFbxMS0$VnTXMp/Hnc7QdCBEaLTq5ZFOAFo2/PM0/xEAFuOE88."; # fnord hashed_sha512crypt = "$6$ymzs8WINZ5wGwQcV$VC2S0cQiX8NVukOLymysTPn4v1zJoJp3NGyhnqyv/dAf4NWZsBWYveQcj6gEJr4ZUjRBRjM0Pj1L8TCQ8hUUp0"; # meow in import ./make-test-python.nix ({ pkgs, ... }: { name = "shadow"; meta = with pkgs.lib.maintainers; { maintainers = [ nequissimus ]; }; Loading Loading @@ -39,6 +40,12 @@ in import ./make-test-python.nix ({ pkgs, ... }: { hashedPassword = hashed_yeshash; shell = pkgs.bash; }; users.leo = { isNormalUser = true; initialHashedPassword = "!"; hashedPassword = hashed_sha512crypt; # should take precedence over initialHashedPassword shell = pkgs.bash; }; }; }; Loading Loading @@ -145,5 +152,21 @@ in import ./make-test-python.nix ({ pkgs, ... }: { print(shadow.succeed(f"cat /tmp/{u}")) assert u in shadow.succeed(f"cat /tmp/{u}") shadow.send_chars("logout\n") with subtest("Ensure hashedPassword does not get overridden by initialHashedPassword"): shadow.send_key("alt-f6") shadow.wait_until_succeeds("[ $(fgconsole) = 6 ]") shadow.wait_for_unit("getty@tty6.service") shadow.wait_until_succeeds("pgrep -f 'agetty.*tty6'") shadow.wait_until_tty_matches("6", "login: ") shadow.send_chars("leo\n") shadow.wait_until_tty_matches("6", "login: leo") shadow.wait_until_succeeds("pgrep login") shadow.sleep(2) shadow.send_chars("meow\n") shadow.send_chars("whoami > /tmp/leo\n") shadow.wait_for_file("/tmp/leo") assert "leo" in shadow.succeed("cat /tmp/leo") shadow.send_chars("logout\n") ''; })
nixos/tests/systemd-shutdown.nix +1 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ in { systemd.shutdownRamfs.contents."/etc/systemd/system-shutdown/shutdown-message".source = pkgs.writeShellScript "shutdown-message" '' echo "${msg}" ''; boot.initrd.systemd.enable = systemdStage1; }; testScript = '' Loading
![github-actions[bot]'s avatar](https://secure.gravatar.com/avatar/e7cd911927c7d1acf6281b69d385990d8fadcd26871048bbcdbff2e88da7f607?s=48&d=identicon "github-actions[bot]")