aboutsummaryrefslogtreecommitdiff
path: root/nixpkgs/nixos/modules/programs/shadow.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/modules/programs/shadow.nix')
-rw-r--r--nixpkgs/nixos/modules/programs/shadow.nix14
1 files changed, 12 insertions, 2 deletions
diff --git a/nixpkgs/nixos/modules/programs/shadow.nix b/nixpkgs/nixos/modules/programs/shadow.nix
index 8ec4169207d..7eaf79d864e 100644
--- a/nixpkgs/nixos/modules/programs/shadow.nix
+++ b/nixpkgs/nixos/modules/programs/shadow.nix
@@ -6,17 +6,27 @@ with lib;
let
+ /*
+ There are three different sources for user/group id ranges, each of which gets
+ used by different programs:
+ - The login.defs file, used by the useradd, groupadd and newusers commands
+ - The update-users-groups.pl file, used by NixOS in the activation phase to
+ decide on which ids to use for declaratively defined users without a static
+ id
+ - Systemd compile time options -Dsystem-uid-max= and -Dsystem-gid-max=, used
+ by systemd for features like ConditionUser=@system and systemd-sysusers
+ */
loginDefs =
''
DEFAULT_HOME yes
SYS_UID_MIN 400
- SYS_UID_MAX 499
+ SYS_UID_MAX 999
UID_MIN 1000
UID_MAX 29999
SYS_GID_MIN 400
- SYS_GID_MAX 499
+ SYS_GID_MAX 999
GID_MIN 1000
GID_MAX 29999
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 23:33:21 +0000