|
|
|
@ -123,7 +123,7 @@ let |
|
|
|
|
group = mkOption { |
|
|
|
|
type = types.str; |
|
|
|
|
apply = x: assert (builtins.stringLength x < 32 || abort "Group name '${x}' is longer than 31 characters which is not allowed!"); x; |
|
|
|
|
default = "nogroup"; |
|
|
|
|
default = ""; |
|
|
|
|
description = "The user's primary group."; |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
@ -638,6 +638,16 @@ in { |
|
|
|
|
Exactly one of users.users.${user.name}.isSystemUser and users.users.${user.name}.isNormalUser must be set. |
|
|
|
|
''; |
|
|
|
|
} |
|
|
|
|
{ |
|
|
|
|
assertion = user.group != ""; |
|
|
|
|
message = '' |
|
|
|
|
users.users.${user.name}.group is unset. This used to default to |
|
|
|
|
nogroup, but this is unsafe. For example you can create a group |
|
|
|
|
for this user with: |
|
|
|
|
users.users.${user.name}.group = "${user.name}"; |
|
|
|
|
users.groups.${user.name} = {}; |
|
|
|
|
''; |
|
|
|
|
} |
|
|
|
|
] |
|
|
|
|
)); |
|
|
|
|
|
|
|
|
|