diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 5f56e060227..e760a18f508 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -210,7 +210,7 @@ in #fleet = 173; # unused #input = 174; # unused sddm = 175; - tss = 176; + #tss = 176; # dynamically allocated as of 2021-09-17 #memcached = 177; removed 2018-01-03 #ntp = 179; # dynamically allocated as of 2021-09-17 zabbix = 180; @@ -524,7 +524,7 @@ in #fleet = 173; # unused input = 174; sddm = 175; - tss = 176; + #tss = 176; #dynamically allocateda as of 2021-09-20 #memcached = 177; # unused, removed 2018-01-03 #ntp = 179; # unused zabbix = 180; diff --git a/nixos/modules/security/tpm2.nix b/nixos/modules/security/tpm2.nix index 27f9b58c975..d37425166f8 100644 --- a/nixos/modules/security/tpm2.nix +++ b/nixos/modules/security/tpm2.nix @@ -146,6 +146,7 @@ in { # Create the tss user and group only if the default value is used users.users.${cfg.tssUser} = lib.mkIf (cfg.tssUser == "tss") { isSystemUser = true; + group = "tss"; }; users.groups.${cfg.tssGroup} = lib.mkIf (cfg.tssGroup == "tss") {}; @@ -172,7 +173,7 @@ in { BusName = "com.intel.tss2.Tabrmd"; ExecStart = "${cfg.abrmd.package}/bin/tpm2-abrmd"; User = "tss"; - Group = "nogroup"; + Group = "tss"; }; }; diff --git a/nixos/modules/services/hardware/tcsd.nix b/nixos/modules/services/hardware/tcsd.nix index 0d36bce357b..c549a677501 100644 --- a/nixos/modules/services/hardware/tcsd.nix +++ b/nixos/modules/services/hardware/tcsd.nix @@ -149,12 +149,10 @@ in users.users = optionalAttrs (cfg.user == "tss") { tss = { group = "tss"; - uid = config.ids.uids.tss; + isSystemUser = true; }; }; - users.groups = optionalAttrs (cfg.group == "tss") { - tss.gid = config.ids.gids.tss; - }; + users.groups = optionalAttrs (cfg.group == "tss") { tss = {}; }; }; }