nixpkgs/helpers/create-users-groups.sh
Eelco Dolstra 29c5178bdf * Declarative specification of user accounts. Jobs can now specify a
list of user accounts that the job needs to run.  For instance, the
  SSH daemon job says:

    { name = "sshd";
      uid = (import ../system/ids.nix).uids.sshd;
      description = "SSH privilege separation user";
      home = "/var/empty";
    }

  The activation script creates the system users/groups and updates
  them as well.  So a change in the Nix expression can be realised in
  /etc/{group,passwd} by running nixos-rebuild.

svn path=/nixos/trunk/; revision=8846
2007-06-08 15:41:12 +00:00

60 lines
1.6 KiB
Bash

cat "$2" | while true; do
read name || break
read gid
if ! curEnt=$(getent group "$name"); then
echo "creating group $name..."
groupadd --system \
"$name" \
${gid:+--gid $gid}
else
echo "updating group $name..."
oldIFS="$IFS"; IFS=:; set -- $curEnt; IFS="$oldIFS"
prevGid=$3
if test "$prevGid" != "$gid"; then
groupmod "$name" --gid $gid
fi
fi
done
cat "$1" | while true; do
read name || break
read description
read uid
read group
read extraGroups
read home
read shell
if ! curEnt=$(getent passwd "$name"); then
echo "creating user $name..."
useradd --system \
"$name" \
--comment "$description" \
${uid:+--uid $uid} \
--gid "$group" \
--groups "$extraGroups" \
--home "$home" \
--shell "$shell"
else
echo "updating user $name..."
oldIFS="$IFS"; IFS=:; set -- $curEnt; IFS="$oldIFS"
prevUid=$3
prevHome=$6
# Don't change the UID if it's the same, otherwise usermod
# will complain.
if test "$prevUid" = "$uid"; then unset uid; fi
# Don't change the home directory if it's the same to prevent
# unnecessary warnings about logged in users.
if test "$prevHome" = "$home"; then unset home; fi
usermod \
"$name" \
--comment "$description" \
${uid:+--uid $uid} \
--gid "$group" \
--groups "$extraGroups" \
${home:+--home "$home"} \
--shell "$shell"
fi
done