When the user's home directory is created using `createHome` e.g.
```
users.users.alice = {
home = "/users/alice";
createHome = true;
};
```
The `/users` directory was created with the same permissions as `/users/alice`, `0700` by default.
The parent directory `/users` permissions results in `createHome` creating a home directory that is inaccessible to the user:
```
$ su alice
$ cd /user/alice
cd: permission denied: /users/alice
```
The underlying cause is `make_path($u->{home}, { mode => oct($u->{homeMode}) })` which sets, in the example above`, `/users` to `0700`. Instead it should be `0755` like other system directories `/var`, `/dev`, etc.
Many terminal packages don't cross compile, so the `terminfo`
NixOS module was not usable for nixos configurations that are
cross-compiled.
Terminfo files (AFAIK) are small files that contain data about
terminal capability, so they should never have any runtime
dependencies that would cause any executables or otherwise
incompatible outputs from the `buildPlatform` to leak into the
nixos config's closure.
these changes were generated with nixq 0.0.2, by running
nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix
two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.
Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
resolvconf.conf is a shell script and unlike resolv.conf, multiple
nameservers are specified by space separating them instead of adding
multiple lines.
Fixes: fc060cc3cb
The update-lingering activation script currently fails during rebuilds.
This happens when removing a user with linger enabled.
The call to loginctl disable-linger runs for the non-existent user.
This returns an error code which causes the failure.
To mitigate this, this PR removes any residual linger files.
These are files named for the user in /var/lib/systemd/linger.
A simple check for user existence determines whether to delete the file.
This happens before the call to disable-linger to avoid any errors.
Fixes#283769.
Nix has a suprising behavior where if the option `extra-foo` is set before `foo`, then setting `foo` overwrites the setting for `extra-foo`. This is reported as https://github.com/NixOS/nix/issues/9487, and will likely not be fixed any time soon.
This works around this issue by always putting `extra-*` settings after non-extra ones in the nixos-generated `/etc/nix.conf`.
