Merge pull request #89951 from KoviRobi/nixos-user-name-not-attr-name

nixos/users-groups: Use user name not attribute name for /etc/profiles/…
2021-04-05 13:52:25 +02:00 · 2021-04-05 13:52:25 +02:00 · e2080b39e6
parent 4e83ef8026 af4adb1dd2
commit e2080b39e6
1 changed files with 7 additions and 7 deletions
--- a/nixos/modules/config/users-groups.nix
+++ b/nixos/modules/config/users-groups.nix
@ -593,8 +593,8 @@ in {
        # password or an SSH authorized key. Privileged accounts are
        # root and users in the wheel group.
        assertion = !cfg.mutableUsers ->
-          any id ((mapAttrsToList (name: cfg:
-            (name == "root"
+          any id ((mapAttrsToList (_: cfg:
+            (cfg.name == "root"
             || cfg.group == "wheel"
             || elem "wheel" cfg.extraGroups)
            &&
@ -615,16 +615,16 @@ in {
        assertion = (user.hashedPassword != null)
                    -> (builtins.match ".*:.*" user.hashedPassword == null);
        message = ''
-          The password hash of user "${name}" contains a ":" character.
+          The password hash of user "${user.name}" contains a ":" character.
          This is invalid and would break the login system because the fields
          of /etc/shadow (file where hashes are stored) are colon-separated.
-          Please check the value of option `users.users."${name}".hashedPassword`.'';
+          Please check the value of option `users.users."${user.name}".hashedPassword`.'';
      }
    );

    warnings =
      builtins.filter (x: x != null) (
-        flip mapAttrsToList cfg.users (name: user:
+        flip mapAttrsToList cfg.users (_: user:
        # This regex matches a subset of the Modular Crypto Format (MCF)[1]
        # informal standard. Since this depends largely on the OS or the
        # specific implementation of crypt(3) we only support the (sane)
@ -647,9 +647,9 @@ in {
            && user.hashedPassword != ""  # login without password
            && builtins.match mcf user.hashedPassword == null)
        then ''
-          The password hash of user "${name}" may be invalid. You must set a
+          The password hash of user "${user.name}" may be invalid. You must set a
          valid hash or the user will be locked out of their account. Please
-          check the value of option `users.users."${name}".hashedPassword`.''
+          check the value of option `users.users."${user.name}".hashedPassword`.''
        else null
      ));