fede
April 9, 2022, 9:16am
1
I would like to grant users in the “users” group permission to see other users directories. I can do this manually with chmod g+rx /home/userX but every time I reconfigure the system the permissions are retest.
users.users.userX = {
isNormalUser = true;
home = "/home/userX";
description = "X";
uid = 100X;
extraGroups = [ "users" ];
};
and the “home” with
fileSystems."/home" = {
device = "/dev/pool/home";
fsType = "ext4";
};
Is there some option I can use?
trofi
April 9, 2022, 12:02pm
2
As I understand 0700 is hardcoded at nixpkgs/update-users-groups.pl at 2e8714c5fce5eda820dbc542afbf5a7e3f026aa2 · NixOS/nixpkgs · GitHub and has no configuration to alter it. I did something similar locally as:
system.activationScripts.foo_home_read = pkgs.lib.stringAfter [ "users" ]
''
chmod g+rx /home/foo
'';
I’d say it would be useful to have a users.users knob.
fede
April 9, 2022, 12:29pm
3
I agree that a configuration option in users.users would be nice.
Thanks for the clarification and the workaround.
fede
April 10, 2022, 7:17pm
4
I’ve created a PR adding an option to specify the home mode
NixOS:master ← fedeinthemix:home-mode
opened 07:15PM - 10 Apr 22 UTC
###### Description of changes
Add `users.users.<name>.homeMode` to specify th… e permissions of the home directory.
###### Things done
- Built on platform(s)
- [x] x86_64-linux
- [ ] aarch64-linux
- [ ] x86_64-darwin
- [ ] aarch64-darwin
- [ ] For non-Linux: Is `sandbox = true` set in `nix.conf`? (See [Nix manual](https://nixos.org/manual/nix/stable/command-ref/conf-file.html))
- [x] Tested, as applicable:
- [NixOS test(s)](https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests) (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
- and/or [package tests](https://nixos.org/manual/nixpkgs/unstable/#sec-package-tests)
- or, for functions and "core" functionality, tests in [lib/tests](https://github.com/NixOS/nixpkgs/blob/master/lib/tests) or [pkgs/test](https://github.com/NixOS/nixpkgs/blob/master/pkgs/test)
- made sure NixOS tests are [linked](https://nixos.org/manual/nixpkgs/unstable/#ssec-nixos-tests-linking) to the relevant packages
- [ ] Tested compilation of all packages that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"`. Note: all changes have to be committed, also see [nixpkgs-review usage](https://github.com/Mic92/nixpkgs-review#usage)
- [ ] Tested basic functionality of all binary files (usually in `./result/bin/`)
- [22.05 Release Notes (or backporting 21.11 Release notes)](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#generating-2205-release-notes)
- [ ] (Package updates) Added a release notes entry if the change is major or breaking
- [ ] (Module updates) Added a release notes entry if the change is significant
- [ ] (Module addition) Added a release notes entry if adding a new NixOS module
- [ ] (Release notes changes) Ran `nixos/doc/manual/md-to-db.sh` to update generated release notes
- [x] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md).
<!--
To help with the large amounts of pull requests, we would appreciate your
reviews of other pull requests, especially simple package updates. Just leave a
comment describing what you have tested in the relevant package/service.
Reviewing helps to reduce the average time-to-merge for everyone.
Thanks a lot if you do!
List of open PRs: https://github.com/NixOS/nixpkgs/pulls
Reviewing guidelines: https://nixos.org/manual/nixpkgs/unstable/#chap-reviewing-contributions
-->
1 Like