diff --git a/README.md b/README.md index 98c59c4..af3f05f 100644 --- a/README.md +++ b/README.md @@ -30,13 +30,14 @@ The `nix-installer` tool is ready to use in a number of environments: Differing from the current official [Nix](https://github.com/NixOS/nix) installer scripts: * In `nix.conf`: - + the `nix-command` and `flakes` features are enabled + + the `auto-allocate-uids`, `nix-command` and `flakes` features are enabled + `bash-prompt-prefix` is set + `auto-optimise-store` is set to `true` * `extra-nix-path` is set to `nixpkgs=flake:nixpkgs` * an installation receipt (for uninstalling) is stored at `/nix/receipt.json` as well as a copy of the install binary at `/nix/nix-installer` * `nix-channel --update` is not run, `~/.nix-channels` is not provisioned * `NIX_SSL_CERT_FILE` is set in the various shell profiles if the `ssl-cert-file` argument is used. +* `auto-uid-allocation` is set to `true`. ## Motivations diff --git a/nix/tests/vm-test/default.nix b/nix/tests/vm-test/default.nix index 3d4d143..9e57285 100644 --- a/nix/tests/vm-test/default.nix +++ b/nix/tests/vm-test/default.nix @@ -197,27 +197,11 @@ let uninstall = installCases.install-default.uninstall; uninstallCheck = installCases.install-default.uninstallCheck; }; - cure-self-linux-broken-missing-users = { - preinstall = '' - ${nix-installer-install-quiet} - sudo mv /nix/receipt.json /nix/old-receipt.json - sudo userdel nixbld1 - sudo userdel nixbld3 - sudo userdel nixbld16 - ''; - install = installCases.install-default.install; - check = installCases.install-default.check; - uninstall = installCases.install-default.uninstall; - uninstallCheck = installCases.install-default.uninstallCheck; - }; - cure-self-linux-broken-missing-users-and-group = { + cure-self-linux-broken-missing-group = { preinstall = '' NIX_PATH=$(readlink -f nix.tar.xz) RUST_BACKTRACE="full" ./nix-installer install --nix-package-url "file://$NIX_PATH" --no-confirm sudo mv /nix/receipt.json /nix/old-receipt.json - for i in {1..32}; do - sudo userdel "nixbld''${i}" - done sudo groupdel nixbld ''; install = installCases.install-default.install; @@ -357,13 +341,10 @@ let ''; in { - uninstall-users-and-groups-missing = { + uninstall-groups-missing = { install = installCases.install-default.install; check = installCases.install-default.check; preuninstall = '' - for i in $(seq 1 32); do - sudo userdel nixbld$i - done sudo groupdel nixbld ''; uninstall = uninstallFailExpected; diff --git a/src/action/base/add_user_to_group.rs b/src/action/base/add_user_to_group.rs deleted file mode 100644 index bf88b37..0000000 --- a/src/action/base/add_user_to_group.rs +++ /dev/null @@ -1,330 +0,0 @@ -use std::process::Stdio; - -use nix::unistd::User; -use target_lexicon::OperatingSystem; -use tokio::process::Command; -use tracing::{span, Span}; - -use crate::action::{ActionError, ActionErrorKind}; -use crate::execute_command; - -use crate::action::{Action, ActionDescription, StatefulAction}; - -/** -Create an operating system level user in the given group -*/ -#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)] -pub struct AddUserToGroup { - name: String, - uid: u32, - groupname: String, - gid: u32, -} - -impl AddUserToGroup { - #[tracing::instrument(level = "debug", skip_all)] - pub async fn plan( - name: String, - uid: u32, - groupname: String, - gid: u32, - ) -> Result, ActionError> { - let this = Self { - name: name.clone(), - uid, - groupname, - gid, - }; - - match OperatingSystem::host() { - OperatingSystem::MacOSX { .. } | OperatingSystem::Darwin => (), - _ => { - if !(which::which("addgroup").is_ok() || which::which("gpasswd").is_ok()) { - return Err(Self::error(ActionErrorKind::MissingAddUserToGroupCommand)); - } - if !(which::which("delgroup").is_ok() || which::which("gpasswd").is_ok()) { - return Err(Self::error( - ActionErrorKind::MissingRemoveUserFromGroupCommand, - )); - } - }, - } - - // Ensure user does not exists - if let Some(user) = User::from_name(name.as_str()) - .map_err(|e| ActionErrorKind::GettingUserId(name.clone(), e)) - .map_err(Self::error)? - { - if user.uid.as_raw() != uid { - return Err(Self::error(ActionErrorKind::UserUidMismatch( - name.clone(), - user.uid.as_raw(), - uid, - ))); - } - - if user.gid.as_raw() != gid { - return Err(Self::error(ActionErrorKind::UserGidMismatch( - name.clone(), - user.gid.as_raw(), - gid, - ))); - } - - // See if group membership needs to be done - match OperatingSystem::host() { - OperatingSystem::MacOSX { - major: _, - minor: _, - patch: _, - } - | OperatingSystem::Darwin => { - let mut command = Command::new("/usr/sbin/dseditgroup"); - command.process_group(0); - command.args(["-o", "checkmember", "-m"]); - command.arg(&this.name); - command.arg(&this.groupname); - command.stdout(Stdio::piped()); - command.stderr(Stdio::piped()); - tracing::trace!("Executing `{:?}`", command.as_std()); - let output = command - .output() - .await - .map_err(|e| ActionErrorKind::command(&command, e)) - .map_err(Self::error)?; - match output.status.code() { - Some(0) => { - // yes {user} is a member of {groupname} - // Since the user exists, and is already a member of the group, we have truly nothing to do here - tracing::debug!( - "Adding user `{}` to group `{}` already complete", - this.name, - this.groupname - ); - return Ok(StatefulAction::completed(this)); - }, - Some(64) => { - // 64 is the exit code for "Group not found" - tracing::trace!( - "Will add user `{}` to newly created group `{}`", - this.name, - this.groupname - ); - // The group will be created by the installer - () - }, - _ => { - // Some other issue - return Err(Self::error(ActionErrorKind::command_output( - &command, output, - ))); - }, - }; - }, - _ => { - let output = execute_command( - Command::new("groups") - .process_group(0) - .arg(&this.name) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - let output_str = String::from_utf8(output.stdout).map_err(Self::error)?; - let user_in_group = output_str.split(" ").any(|v| v == &this.groupname); - - if user_in_group { - tracing::debug!( - "Adding user `{}` to group `{}` already complete", - this.name, - this.groupname - ); - return Ok(StatefulAction::completed(this)); - } - }, - } - } - - Ok(StatefulAction::uncompleted(this)) - } -} - -#[async_trait::async_trait] -#[typetag::serde(name = "add_user_to_group")] -impl Action for AddUserToGroup { - fn action_tag() -> crate::action::ActionTag { - crate::action::ActionTag("add_user_to_group") - } - fn tracing_synopsis(&self) -> String { - format!( - "Add user `{}` (UID {}) to group `{}` (GID {})", - self.name, self.uid, self.groupname, self.gid - ) - } - - fn tracing_span(&self) -> Span { - span!( - tracing::Level::DEBUG, - "add_user_to_group", - user = self.name, - uid = self.uid, - groupname = self.groupname, - gid = self.gid, - ) - } - - fn execute_description(&self) -> Vec { - vec![ActionDescription::new( - self.tracing_synopsis(), - vec![format!( - "The Nix daemon requires the build users to be in a defined group" - )], - )] - } - - #[tracing::instrument(level = "debug", skip_all)] - async fn execute(&mut self) -> Result<(), ActionError> { - let Self { - name, - uid: _, - groupname, - gid: _, - } = self; - - use target_lexicon::OperatingSystem; - match OperatingSystem::host() { - OperatingSystem::MacOSX { - major: _, - minor: _, - patch: _, - } - | OperatingSystem::Darwin => { - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([ - ".", - "-append", - &format!("/Groups/{groupname}"), - "GroupMembership", - ]) - .arg(&name) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - execute_command( - Command::new("/usr/sbin/dseditgroup") - .process_group(0) - .args(["-o", "edit"]) - .arg("-a") - .arg(&name) - .arg("-t") - .arg(&name) - .arg(groupname) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - }, - _ => { - if which::which("gpasswd").is_ok() { - execute_command( - Command::new("gpasswd") - .process_group(0) - .args(["-a"]) - .args([name, groupname]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else if which::which("addgroup").is_ok() { - execute_command( - Command::new("addgroup") - .process_group(0) - .args([name, groupname]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else { - return Err(Self::error(Self::error( - ActionErrorKind::MissingAddUserToGroupCommand, - ))); - } - }, - } - - Ok(()) - } - - fn revert_description(&self) -> Vec { - vec![ActionDescription::new( - format!( - "Remove user `{}` (UID {}) from group {} (GID {})", - self.name, self.uid, self.groupname, self.gid - ), - vec![format!( - "The Nix daemon requires system users it can act as in order to build" - )], - )] - } - - #[tracing::instrument(level = "debug", skip_all)] - async fn revert(&mut self) -> Result<(), ActionError> { - let Self { - name, - uid: _, - groupname, - gid: _, - } = self; - - use target_lexicon::OperatingSystem; - match target_lexicon::OperatingSystem::host() { - OperatingSystem::MacOSX { - major: _, - minor: _, - patch: _, - } - | OperatingSystem::Darwin => { - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([".", "-delete", &format!("/Groups/{groupname}"), "users"]) - .arg(&name) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - }, - _ => { - if which::which("gpasswd").is_ok() { - execute_command( - Command::new("gpasswd") - .process_group(0) - .args(["-d"]) - .args([&name.to_string(), &groupname.to_string()]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else if which::which("delgroup").is_ok() { - execute_command( - Command::new("delgroup") - .process_group(0) - .args([name, groupname]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else { - return Err(Self::error( - ActionErrorKind::MissingRemoveUserFromGroupCommand, - )); - } - }, - }; - - Ok(()) - } -} diff --git a/src/action/base/create_group.rs b/src/action/base/create_group.rs index de21e1d..4b47a06 100644 --- a/src/action/base/create_group.rs +++ b/src/action/base/create_group.rs @@ -164,14 +164,13 @@ impl Action for CreateGroup { patch: _, } | OperatingSystem::Darwin => { - let output = execute_command( + execute_command( Command::new("/usr/bin/dscl") .args([".", "-delete", &format!("/Groups/{name}")]) .stdin(std::process::Stdio::null()), ) .await .map_err(Self::error)?; - if !output.status.success() {} }, _ => { if which::which("groupdel").is_ok() { diff --git a/src/action/base/create_user.rs b/src/action/base/create_user.rs deleted file mode 100644 index a1637ad..0000000 --- a/src/action/base/create_user.rs +++ /dev/null @@ -1,344 +0,0 @@ -use nix::unistd::User; -use target_lexicon::OperatingSystem; -use tokio::process::Command; -use tracing::{span, Span}; - -use crate::action::{ActionError, ActionErrorKind, ActionTag}; -use crate::execute_command; - -use crate::action::{Action, ActionDescription, StatefulAction}; - -/** -Create an operating system level user in the given group -*/ -#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)] -pub struct CreateUser { - name: String, - uid: u32, - groupname: String, - gid: u32, - comment: String, -} - -impl CreateUser { - #[tracing::instrument(level = "debug", skip_all)] - pub async fn plan( - name: String, - uid: u32, - groupname: String, - gid: u32, - comment: String, - ) -> Result, ActionError> { - let this = Self { - name: name.clone(), - uid, - groupname, - gid, - comment, - }; - - match OperatingSystem::host() { - OperatingSystem::MacOSX { .. } | OperatingSystem::Darwin => (), - _ => { - if !(which::which("useradd").is_ok() || which::which("adduser").is_ok()) { - return Err(Self::error(ActionErrorKind::MissingUserCreationCommand)); - } - if !(which::which("userdel").is_ok() || which::which("deluser").is_ok()) { - return Err(Self::error(ActionErrorKind::MissingUserDeletionCommand)); - } - }, - } - - // Ensure user does not exists - if let Some(user) = User::from_name(name.as_str()) - .map_err(|e| ActionErrorKind::GettingUserId(name.clone(), e)) - .map_err(Self::error)? - { - if user.uid.as_raw() != uid { - return Err(Self::error(ActionErrorKind::UserUidMismatch( - name.clone(), - user.uid.as_raw(), - uid, - ))); - } - - if user.gid.as_raw() != gid { - return Err(Self::error(ActionErrorKind::UserGidMismatch( - name.clone(), - user.gid.as_raw(), - gid, - ))); - } - - tracing::debug!("Creating user `{}` already complete", this.name); - return Ok(StatefulAction::completed(this)); - } - - Ok(StatefulAction::uncompleted(this)) - } -} - -#[async_trait::async_trait] -#[typetag::serde(name = "create_user")] -impl Action for CreateUser { - fn action_tag() -> ActionTag { - ActionTag("create_user") - } - fn tracing_synopsis(&self) -> String { - format!( - "Create user `{}` (UID {}) in group `{}` (GID {})", - self.name, self.uid, self.groupname, self.gid - ) - } - - fn tracing_span(&self) -> Span { - span!( - tracing::Level::DEBUG, - "create_user", - user = self.name, - uid = self.uid, - groupname = self.groupname, - gid = self.gid, - ) - } - - fn execute_description(&self) -> Vec { - vec![ActionDescription::new( - self.tracing_synopsis(), - vec![format!( - "The Nix daemon requires system users it can act as in order to build" - )], - )] - } - - #[tracing::instrument(level = "debug", skip_all)] - async fn execute(&mut self) -> Result<(), ActionError> { - let Self { - name, - uid, - groupname, - gid, - comment, - } = self; - - use OperatingSystem; - match OperatingSystem::host() { - OperatingSystem::MacOSX { - major: _, - minor: _, - patch: _, - } - | OperatingSystem::Darwin => { - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([".", "-create", &format!("/Users/{name}")]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([ - ".", - "-create", - &format!("/Users/{name}"), - "UniqueID", - &format!("{uid}"), - ]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([ - ".", - "-create", - &format!("/Users/{name}"), - "PrimaryGroupID", - &format!("{gid}"), - ]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([ - ".", - "-create", - &format!("/Users/{name}"), - "NFSHomeDirectory", - "/var/empty", - ]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([ - ".", - "-create", - &format!("/Users/{name}"), - "UserShell", - "/sbin/nologin", - ]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - execute_command( - Command::new("/usr/bin/dscl") - .process_group(0) - .args([".", "-create", &format!("/Users/{name}"), "IsHidden", "1"]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - }, - _ => { - if which::which("useradd").is_ok() { - execute_command( - Command::new("useradd") - .process_group(0) - .args([ - "--home-dir", - "/var/empty", - "--comment", - &comment, - "--gid", - &gid.to_string(), - "--groups", - &gid.to_string(), - "--no-user-group", - "--system", - "--shell", - "/sbin/nologin", - "--uid", - &uid.to_string(), - "--password", - "!", - name, - ]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else if which::which("adduser").is_ok() { - execute_command( - Command::new("adduser") - .process_group(0) - .args([ - "--home", - "/var/empty", - "--gecos", - &comment, - "--ingroup", - groupname, - "--system", - "--shell", - "/sbin/nologin", - "--uid", - &uid.to_string(), - "--disabled-password", - name, - ]) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else { - return Err(Self::error(ActionErrorKind::MissingUserCreationCommand)); - } - }, - } - - Ok(()) - } - - fn revert_description(&self) -> Vec { - vec![ActionDescription::new( - format!( - "Delete user `{}` (UID {}) in group {} (GID {})", - self.name, self.uid, self.groupname, self.gid - ), - vec![format!( - "The Nix daemon requires system users it can act as in order to build" - )], - )] - } - - #[tracing::instrument(level = "debug", skip_all)] - async fn revert(&mut self) -> Result<(), ActionError> { - use OperatingSystem; - match OperatingSystem::host() { - OperatingSystem::MacOSX { - major: _, - minor: _, - patch: _, - } - | OperatingSystem::Darwin => { - // MacOS is a "Special" case - // It's only possible to delete users under certain conditions. - // Documentation on https://it.megocollector.com/macos/cant-delete-a-macos-user-with-dscl-resolution/ and http://www.aixperts.co.uk/?p=214 suggested it was a secure token - // That is correct, however it's a bit more nuanced. It appears to be that a user must be graphically logged in for some other user on the system to be deleted. - let mut command = Command::new("/usr/bin/dscl"); - command.args([".", "-delete", &format!("/Users/{}", self.name)]); - command.process_group(0); - command.stdin(std::process::Stdio::null()); - - let output = command - .output() - .await - .map_err(|e| ActionErrorKind::command(&command, e)) - .map_err(Self::error)?; - let stderr = String::from_utf8_lossy(&output.stderr); - match output.status.code() { - Some(0) => (), - Some(40) if stderr.contains("-14120") => { - // The user is on an ephemeral Mac, like detsys uses - // These Macs cannot always delete users, as sometimes there is no graphical login - tracing::warn!("Encountered an exit code 40 with -14120 error while removing user, this is likely because the initial executing user did not have a secure token, or that there was no graphical login session. To delete the user, log in graphically, then run `/usr/bin/dscl . -delete /Users/{}", self.name); - }, - _ => { - // Something went wrong - return Err(Self::error(ActionErrorKind::command_output( - &command, output, - ))); - }, - } - }, - _ => { - if which::which("userdel").is_ok() { - execute_command( - Command::new("userdel") - .process_group(0) - .arg(&self.name) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else if which::which("deluser").is_ok() { - execute_command( - Command::new("deluser") - .process_group(0) - .arg(&self.name) - .stdin(std::process::Stdio::null()), - ) - .await - .map_err(Self::error)?; - } else { - return Err(Self::error(ActionErrorKind::MissingUserDeletionCommand)); - } - }, - }; - - Ok(()) - } -} diff --git a/src/action/base/delete_user.rs b/src/action/base/delete_user.rs new file mode 100644 index 0000000..4994d77 --- /dev/null +++ b/src/action/base/delete_user.rs @@ -0,0 +1,149 @@ +use nix::unistd::User; +use target_lexicon::OperatingSystem; +use tokio::process::Command; +use tracing::{span, Span}; + +use crate::action::{ActionError, ActionErrorKind, ActionTag}; +use crate::execute_command; + +use crate::action::{Action, ActionDescription, StatefulAction}; + +/** +Delete an operating system level user +*/ +#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)] +pub struct DeleteUser { + name: String, +} + +impl DeleteUser { + #[tracing::instrument(level = "debug", skip_all)] + pub async fn plan(name: String) -> Result, ActionError> { + let this = Self { name: name.clone() }; + + match OperatingSystem::host() { + OperatingSystem::MacOSX { .. } | OperatingSystem::Darwin => (), + _ => { + if !(which::which("userdel").is_ok() || which::which("deluser").is_ok()) { + return Err(Self::error(ActionErrorKind::MissingUserDeletionCommand)); + } + }, + } + + // Ensure user exists + let _ = User::from_name(name.as_str()) + .map_err(|e| ActionErrorKind::GettingUserId(name.clone(), e)) + .map_err(Self::error)? + .ok_or_else(|| ActionErrorKind::NoUser(name.clone())) + .map_err(Self::error)?; + + // There is no "StatefulAction::completed" for this action since if the user is to be deleted + // it is an error if it does not exist. + + Ok(StatefulAction::uncompleted(this)) + } +} + +#[async_trait::async_trait] +#[typetag::serde(name = "delete_user")] +impl Action for DeleteUser { + fn action_tag() -> ActionTag { + ActionTag("delete_user") + } + fn tracing_synopsis(&self) -> String { + format!( + "Delete user `{}`, which exists due to a previous install, but is no longer required", + self.name + ) + } + + fn tracing_span(&self) -> Span { + span!(tracing::Level::DEBUG, "delete_user", user = self.name,) + } + + fn execute_description(&self) -> Vec { + vec![ActionDescription::new( + self.tracing_synopsis(), + vec![format!( + "Nix with `auto-allocate-uids = true` no longer requires explicitly created users, so this user can be removed" + )], + )] + } + + #[tracing::instrument(level = "debug", skip_all)] + async fn execute(&mut self) -> Result<(), ActionError> { + use OperatingSystem; + match OperatingSystem::host() { + OperatingSystem::MacOSX { + major: _, + minor: _, + patch: _, + } + | OperatingSystem::Darwin => { + // MacOS is a "Special" case + // It's only possible to delete users under certain conditions. + // Documentation on https://it.megocollector.com/macos/cant-delete-a-macos-user-with-dscl-resolution/ and http://www.aixperts.co.uk/?p=214 suggested it was a secure token + // That is correct, however it's a bit more nuanced. It appears to be that a user must be graphically logged in for some other user on the system to be deleted. + let mut command = Command::new("/usr/bin/dscl"); + command.args([".", "-delete", &format!("/Users/{}", self.name)]); + command.process_group(0); + command.stdin(std::process::Stdio::null()); + + let output = command + .output() + .await + .map_err(|e| ActionErrorKind::command(&command, e)) + .map_err(Self::error)?; + let stderr = String::from_utf8_lossy(&output.stderr); + match output.status.code() { + Some(0) => (), + Some(40) if stderr.contains("-14120") => { + // The user is on an ephemeral Mac, like detsys uses + // These Macs cannot always delete users, as sometimes there is no graphical login + tracing::warn!("Encountered an exit code 40 with -14120 error while removing user, this is likely because the initial executing user did not have a secure token, or that there was no graphical login session. To delete the user, log in graphically, then run `/usr/bin/dscl . -delete /Users/{}", self.name); + }, + _ => { + // Something went wrong + return Err(Self::error(ActionErrorKind::command_output( + &command, output, + ))); + }, + } + }, + _ => { + if which::which("userdel").is_ok() { + execute_command( + Command::new("userdel") + .process_group(0) + .arg(&self.name) + .stdin(std::process::Stdio::null()), + ) + .await + .map_err(Self::error)?; + } else if which::which("deluser").is_ok() { + execute_command( + Command::new("deluser") + .process_group(0) + .arg(&self.name) + .stdin(std::process::Stdio::null()), + ) + .await + .map_err(Self::error)?; + } else { + return Err(Self::error(ActionErrorKind::MissingUserDeletionCommand)); + } + }, + }; + + Ok(()) + } + + fn revert_description(&self) -> Vec { + vec![] + } + + #[tracing::instrument(level = "debug", skip_all)] + async fn revert(&mut self) -> Result<(), ActionError> { + Ok(()) + } +} diff --git a/src/action/base/mod.rs b/src/action/base/mod.rs index 3b09580..4601cc9 100644 --- a/src/action/base/mod.rs +++ b/src/action/base/mod.rs @@ -1,24 +1,22 @@ //! Base [`Action`](crate::action::Action)s that themselves have no other actions as dependencies -pub(crate) mod add_user_to_group; pub(crate) mod create_directory; pub(crate) mod create_file; pub(crate) mod create_group; pub(crate) mod create_or_insert_into_file; pub(crate) mod create_or_merge_nix_config; -pub(crate) mod create_user; +pub(crate) mod delete_user; pub(crate) mod fetch_and_unpack_nix; pub(crate) mod move_unpacked_nix; pub(crate) mod remove_directory; pub(crate) mod setup_default_profile; -pub use add_user_to_group::AddUserToGroup; pub use create_directory::CreateDirectory; pub use create_file::CreateFile; pub use create_group::CreateGroup; pub use create_or_insert_into_file::CreateOrInsertIntoFile; pub use create_or_merge_nix_config::CreateOrMergeNixConfig; -pub use create_user::CreateUser; +pub use delete_user::DeleteUser; pub use fetch_and_unpack_nix::{FetchAndUnpackNix, FetchUrlError}; pub use move_unpacked_nix::{MoveUnpackedNix, MoveUnpackedNixError}; pub use remove_directory::RemoveDirectory; diff --git a/src/action/common/create_users_and_groups.rs b/src/action/common/create_users_and_groups.rs deleted file mode 100644 index e460734..0000000 --- a/src/action/common/create_users_and_groups.rs +++ /dev/null @@ -1,278 +0,0 @@ -use crate::{ - action::{ - base::{AddUserToGroup, CreateGroup, CreateUser}, - Action, ActionDescription, ActionError, ActionErrorKind, ActionTag, StatefulAction, - }, - settings::CommonSettings, -}; -use tracing::{span, Span}; - -#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)] -pub struct CreateUsersAndGroups { - nix_build_user_count: u32, - nix_build_group_name: String, - nix_build_group_id: u32, - nix_build_user_prefix: String, - nix_build_user_id_base: u32, - create_group: StatefulAction, - create_users: Vec>, - add_users_to_groups: Vec>, -} - -impl CreateUsersAndGroups { - #[tracing::instrument(level = "debug", skip_all)] - pub async fn plan(settings: CommonSettings) -> Result, ActionError> { - let create_group = CreateGroup::plan( - settings.nix_build_group_name.clone(), - settings.nix_build_group_id, - )?; - let mut create_users = Vec::with_capacity(settings.nix_build_user_count as usize); - let mut add_users_to_groups = Vec::with_capacity(settings.nix_build_user_count as usize); - for index in 1..=settings.nix_build_user_count { - create_users.push( - CreateUser::plan( - format!("{}{index}", settings.nix_build_user_prefix), - settings.nix_build_user_id_base + index, - settings.nix_build_group_name.clone(), - settings.nix_build_group_id, - format!("Nix build user {index}"), - ) - .await - .map_err(Self::error)?, - ); - add_users_to_groups.push( - AddUserToGroup::plan( - format!("{}{index}", settings.nix_build_user_prefix), - settings.nix_build_user_id_base + index, - settings.nix_build_group_name.clone(), - settings.nix_build_group_id, - ) - .await - .map_err(Self::error)?, - ); - } - Ok(Self { - nix_build_user_count: settings.nix_build_user_count, - nix_build_group_name: settings.nix_build_group_name, - nix_build_group_id: settings.nix_build_group_id, - nix_build_user_prefix: settings.nix_build_user_prefix, - nix_build_user_id_base: settings.nix_build_user_id_base, - create_group, - create_users, - add_users_to_groups, - } - .into()) - } -} - -#[async_trait::async_trait] -#[typetag::serde(name = "create_users_and_group")] -impl Action for CreateUsersAndGroups { - fn action_tag() -> ActionTag { - ActionTag("create_users_and_group") - } - fn tracing_synopsis(&self) -> String { - format!( - "Create build users (UID {}-{}) and group (GID {})", - self.nix_build_user_id_base, - self.nix_build_user_id_base + self.nix_build_user_count, - self.nix_build_group_id - ) - } - - fn tracing_span(&self) -> Span { - span!( - tracing::Level::DEBUG, - "create_users_and_group", - nix_build_user_count = self.nix_build_user_count, - nix_build_group_name = self.nix_build_group_name, - nix_build_group_id = self.nix_build_group_id, - nix_build_user_prefix = self.nix_build_user_prefix, - nix_build_user_id_base = self.nix_build_user_id_base, - ) - } - - fn execute_description(&self) -> Vec { - let Self { - nix_build_user_count: _, - nix_build_group_name: _, - nix_build_group_id: _, - nix_build_user_prefix: _, - nix_build_user_id_base: _, - create_group, - create_users, - add_users_to_groups, - } = &self; - - let mut create_users_descriptions = Vec::new(); - for create_user in create_users { - if let Some(val) = create_user.describe_execute().iter().next() { - create_users_descriptions.push(val.description.clone()) - } - } - - let mut add_user_to_group_descriptions = Vec::new(); - for add_user_to_group in add_users_to_groups { - if let Some(val) = add_user_to_group.describe_execute().iter().next() { - add_user_to_group_descriptions.push(val.description.clone()) - } - } - - let mut explanation = vec![ - format!("The Nix daemon requires system users (and a group they share) which it can act as in order to build"), - ]; - if let Some(val) = create_group.describe_execute().iter().next() { - explanation.push(val.description.clone()) - } - explanation.append(&mut create_users_descriptions); - explanation.append(&mut add_user_to_group_descriptions); - - vec![ActionDescription::new(self.tracing_synopsis(), explanation)] - } - - #[tracing::instrument(level = "debug", skip_all)] - async fn execute(&mut self) -> Result<(), ActionError> { - let Self { - create_users, - create_group, - add_users_to_groups, - nix_build_user_count: _, - nix_build_group_name: _, - nix_build_group_id: _, - nix_build_user_prefix: _, - nix_build_user_id_base: _, - } = self; - - // Create group - create_group.try_execute().await?; - - // Mac is apparently not threadsafe here... - use target_lexicon::OperatingSystem; - match OperatingSystem::host() { - OperatingSystem::MacOSX { - major: _, - minor: _, - patch: _, - } - | OperatingSystem::Darwin => { - for create_user in create_users.iter_mut() { - create_user.try_execute().await.map_err(Self::error)?; - } - }, - _ => { - for create_user in create_users.iter_mut() { - create_user.try_execute().await.map_err(Self::error)?; - } - // While we may be tempted to do something like this, it can break on many older OSes like Ubuntu 18.04: - // ``` - // useradd: cannot lock /etc/passwd; try again later. - // ``` - // So, instead, we keep this here in hopes one day we can enable it for some detected OS: - // - // let mut set = JoinSet::new(); - // let mut errors: Vec> = Vec::new(); - // for (idx, create_user) in create_users.iter_mut().enumerate() { - // let span = tracing::Span::current().clone(); - // let mut create_user_clone = create_user.clone(); - // let _abort_handle = set.spawn(async move { - // create_user_clone.try_execute().instrument(span).await?; - // Result::<_, _>::Ok((idx, create_user_clone)) - // }); - // } - - // while let Some(result) = set.join_next().await { - // match result { - // Ok(Ok((idx, success))) => create_users[idx] = success, - // Ok(Err(e)) => errors.push(Box::new(e)), - // Err(e) => return Err(ActionErrorKind::Join(e))?, - // }; - // } - - // if !errors.is_empty() { - // if errors.len() == 1 { - // return Err(errors.into_iter().next().unwrap().into()); - // } else { - // return Err(ActionErrorKind::Children(errors)); - // } - // } - }, - }; - - for add_user_to_group in add_users_to_groups.iter_mut() { - add_user_to_group.try_execute().await.map_err(Self::error)?; - } - - Ok(()) - } - - fn revert_description(&self) -> Vec { - let Self { - nix_build_user_count: _, - nix_build_group_name: _, - nix_build_group_id: _, - nix_build_user_prefix: _, - nix_build_user_id_base: _, - create_group, - create_users, - add_users_to_groups, - } = &self; - let mut create_users_descriptions = Vec::new(); - for create_user in create_users { - if let Some(val) = create_user.describe_revert().iter().next() { - create_users_descriptions.push(val.description.clone()) - } - } - - let mut add_user_to_group_descriptions = Vec::new(); - for add_user_to_group in add_users_to_groups { - if let Some(val) = add_user_to_group.describe_revert().iter().next() { - add_user_to_group_descriptions.push(val.description.clone()) - } - } - - let mut explanation = vec![ - format!("The Nix daemon requires system users (and a group they share) which it can act as in order to build"), - ]; - if let Some(val) = create_group.describe_revert().iter().next() { - explanation.push(val.description.clone()) - } - explanation.append(&mut create_users_descriptions); - explanation.append(&mut add_user_to_group_descriptions); - - vec![ActionDescription::new( - format!("Remove Nix users and group"), - explanation, - )] - } - - #[tracing::instrument(level = "debug", skip_all)] - async fn revert(&mut self) -> Result<(), ActionError> { - let mut errors = vec![]; - for create_user in self.create_users.iter_mut() { - if let Err(err) = create_user.try_revert().await { - errors.push(err); - } - } - - // We don't actually need to do this, when a user is deleted they are removed from groups - // for add_user_to_group in add_users_to_groups.iter_mut() { - // add_user_to_group.try_revert().await?; - // } - - // Create group - if let Err(err) = self.create_group.try_revert().await { - errors.push(err); - } - - if errors.is_empty() { - Ok(()) - } else if errors.len() == 1 { - Err(errors - .into_iter() - .next() - .expect("Expected 1 len Vec to have at least 1 item")) - } else { - Err(Self::error(ActionErrorKind::MultipleChildren(errors))) - } - } -} diff --git a/src/action/common/delete_users.rs b/src/action/common/delete_users.rs new file mode 100644 index 0000000..81bb426 --- /dev/null +++ b/src/action/common/delete_users.rs @@ -0,0 +1,118 @@ +use crate::action::{ + base::DeleteUser, Action, ActionDescription, ActionError, ActionErrorKind, ActionTag, + StatefulAction, +}; +use tracing::{span, Span}; + +#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)] +pub struct DeleteUsersInGroup { + group_name: String, + group_id: u32, + delete_users: Vec>, +} + +impl DeleteUsersInGroup { + #[tracing::instrument(level = "debug", skip_all)] + pub async fn plan( + group_name: String, + group_id: u32, + users: Vec, + ) -> Result, ActionError> { + let mut delete_users = vec![]; + for users in users { + delete_users.push(DeleteUser::plan(users).await?) + } + + Ok(Self { + group_name, + group_id, + delete_users, + } + .into()) + } +} + +#[async_trait::async_trait] +#[typetag::serde(name = "delete_users_in_group")] +impl Action for DeleteUsersInGroup { + fn action_tag() -> ActionTag { + ActionTag("delete_users_in_group") + } + fn tracing_synopsis(&self) -> String { + format!( + "Delete users part of group `{}` (GID {}), they are part of a previous install and are no longer required with `auto-allocate-uids = true` in nix.conf", + self.group_name, + self.group_id, + ) + } + + fn tracing_span(&self) -> Span { + span!( + tracing::Level::DEBUG, + "delete_users_in_group", + group_name = self.group_name, + group_id = self.group_id, + ) + } + + fn execute_description(&self) -> Vec { + let mut delete_users_descriptions = Vec::new(); + for delete_user in self.delete_users.iter() { + if let Some(val) = delete_user.describe_execute().iter().next() { + delete_users_descriptions.push(val.description.clone()) + } + } + + let mut explanation = vec![ + format!("The `auto-allocate-uids` feature allows Nix to create UIDs dynamically as needed, meaning these users leftover from a previous install can be deleted"), + ]; + explanation.append(&mut delete_users_descriptions); + + vec![ActionDescription::new(self.tracing_synopsis(), explanation)] + } + + #[tracing::instrument(level = "debug", skip_all)] + async fn execute(&mut self) -> Result<(), ActionError> { + for delete_user in self.delete_users.iter_mut() { + delete_user.try_execute().await.map_err(Self::error)?; + } + Ok(()) + } + + fn revert_description(&self) -> Vec { + let mut delete_users_descriptions = Vec::new(); + for delete_user in self.delete_users.iter() { + if let Some(val) = delete_user.describe_revert().iter().next() { + delete_users_descriptions.push(val.description.clone()) + } + } + + let mut explanation = vec![ + format!("The `auto-allocate-uids` feature allows Nix to create UIDs dynamically as needed, meaning these users leftover from a previous install can be deleted"), + ]; + explanation.append(&mut delete_users_descriptions); + + vec![ActionDescription::new(self.tracing_synopsis(), explanation)] + } + + #[tracing::instrument(level = "debug", skip_all)] + async fn revert(&mut self) -> Result<(), ActionError> { + let mut errors = vec![]; + for delete_user in self.delete_users.iter_mut() { + if let Err(err) = delete_user.try_revert().await { + errors.push(err); + } + } + + if errors.is_empty() { + Ok(()) + } else if errors.len() == 1 { + Err(errors + .into_iter() + .next() + .expect("Expected 1 len Vec to have at least 1 item")) + } else { + Err(Self::error(ActionErrorKind::MultipleChildren(errors))) + } + } +} diff --git a/src/action/common/mod.rs b/src/action/common/mod.rs index 21de280..f2cb8c9 100644 --- a/src/action/common/mod.rs +++ b/src/action/common/mod.rs @@ -4,7 +4,7 @@ pub(crate) mod configure_init_service; pub(crate) mod configure_nix; pub(crate) mod configure_shell_profile; pub(crate) mod create_nix_tree; -pub(crate) mod create_users_and_groups; +pub(crate) mod delete_users; pub(crate) mod place_nix_configuration; pub(crate) mod provision_nix; @@ -12,6 +12,6 @@ pub use configure_init_service::{ConfigureInitService, ConfigureNixDaemonService pub use configure_nix::ConfigureNix; pub use configure_shell_profile::ConfigureShellProfile; pub use create_nix_tree::CreateNixTree; -pub use create_users_and_groups::CreateUsersAndGroups; +pub use delete_users::DeleteUsersInGroup; pub use place_nix_configuration::PlaceNixConfiguration; pub use provision_nix::ProvisionNix; diff --git a/src/action/common/place_nix_configuration.rs b/src/action/common/place_nix_configuration.rs index 395159e..5509e9c 100644 --- a/src/action/common/place_nix_configuration.rs +++ b/src/action/common/place_nix_configuration.rs @@ -34,7 +34,7 @@ impl PlaceNixConfiguration { settings.insert("build-users-group".to_string(), nix_build_group_name); settings.insert( "experimental-features".to_string(), - "nix-command flakes".to_string(), + "nix-command flakes auto-allocate-uids".to_string(), ); settings.insert("auto-optimise-store".to_string(), "true".to_string()); settings.insert( @@ -45,6 +45,7 @@ impl PlaceNixConfiguration { "extra-nix-path".to_string(), "nixpkgs=flake:nixpkgs".to_string(), ); + settings.insert("auto-allocate-uids".to_string(), "true".to_string()); let create_directory = CreateDirectory::plan(NIX_CONF_FOLDER, None, None, 0o0755, force) .await diff --git a/src/action/common/provision_nix.rs b/src/action/common/provision_nix.rs index 63d23a4..abfebe5 100644 --- a/src/action/common/provision_nix.rs +++ b/src/action/common/provision_nix.rs @@ -1,9 +1,10 @@ +use nix::unistd::Group; use tracing::{span, Span}; -use super::{CreateNixTree, CreateUsersAndGroups}; +use super::{CreateNixTree, DeleteUsersInGroup}; use crate::{ action::{ - base::{FetchAndUnpackNix, MoveUnpackedNix}, + base::{CreateGroup, FetchAndUnpackNix, MoveUnpackedNix}, Action, ActionDescription, ActionError, ActionErrorKind, ActionTag, StatefulAction, }, settings::{CommonSettings, SCRATCH_DIR}, @@ -16,7 +17,8 @@ Place Nix and it's requirements onto the target #[derive(Debug, serde::Deserialize, serde::Serialize, Clone)] pub struct ProvisionNix { fetch_nix: StatefulAction, - create_users_and_group: StatefulAction, + delete_users_in_group: Option>, + create_group: StatefulAction, create_nix_tree: StatefulAction, move_unpacked_nix: StatefulAction, } @@ -31,16 +33,50 @@ impl ProvisionNix { settings.ssl_cert_file.clone(), ) .await?; - let create_users_and_group = CreateUsersAndGroups::plan(settings.clone()) - .await - .map_err(Self::error)?; + + let delete_users_in_group = if let Some(group) = + Group::from_name(settings.nix_build_group_name.as_str()) + .map_err(|e| { + ActionErrorKind::GettingGroupId(settings.nix_build_group_name.clone(), e) + }) + .map_err(Self::error)? + { + if group.gid.as_raw() != settings.nix_build_group_id { + return Err(Self::error(ActionErrorKind::GroupGidMismatch( + settings.nix_build_group_name.clone(), + group.gid.as_raw(), + settings.nix_build_group_id, + ))); + } + if group.mem.is_empty() { + None + } else { + Some( + DeleteUsersInGroup::plan( + settings.nix_build_group_name.clone(), + settings.nix_build_group_id, + group.mem, + ) + .await?, + ) + } + } else { + None + }; + + let create_group = CreateGroup::plan( + settings.nix_build_group_name.clone(), + settings.nix_build_group_id, + ) + .map_err(Self::error)?; let create_nix_tree = CreateNixTree::plan().await.map_err(Self::error)?; let move_unpacked_nix = MoveUnpackedNix::plan(PathBuf::from(SCRATCH_DIR)) .await .map_err(Self::error)?; Ok(Self { fetch_nix, - create_users_and_group, + delete_users_in_group, + create_group, create_nix_tree, move_unpacked_nix, } @@ -65,14 +101,20 @@ impl Action for ProvisionNix { fn execute_description(&self) -> Vec { let Self { fetch_nix, - create_users_and_group, + delete_users_in_group, + create_group, create_nix_tree, move_unpacked_nix, } = &self; let mut buf = Vec::default(); buf.append(&mut fetch_nix.describe_execute()); - buf.append(&mut create_users_and_group.describe_execute()); + + if let Some(delete_users_in_group) = delete_users_in_group { + buf.append(&mut delete_users_in_group.describe_execute()); + } + + buf.append(&mut create_group.describe_execute()); buf.append(&mut create_nix_tree.describe_execute()); buf.append(&mut move_unpacked_nix.describe_execute()); @@ -88,10 +130,14 @@ impl Action for ProvisionNix { Result::<_, ActionError>::Ok(fetch_nix_clone) }); - self.create_users_and_group - .try_execute() - .await - .map_err(Self::error)?; + if let Some(delete_users_in_group) = &mut self.delete_users_in_group { + delete_users_in_group + .try_execute() + .await + .map_err(Self::error)?; + } + + self.create_group.try_execute().await.map_err(Self::error)?; self.create_nix_tree .try_execute() .await @@ -112,7 +158,8 @@ impl Action for ProvisionNix { fn revert_description(&self) -> Vec { let Self { fetch_nix, - create_users_and_group, + delete_users_in_group, + create_group, create_nix_tree, move_unpacked_nix, } = &self; @@ -120,7 +167,12 @@ impl Action for ProvisionNix { let mut buf = Vec::default(); buf.append(&mut move_unpacked_nix.describe_revert()); buf.append(&mut create_nix_tree.describe_revert()); - buf.append(&mut create_users_and_group.describe_revert()); + buf.append(&mut create_group.describe_revert()); + + if let Some(delete_users_in_group) = delete_users_in_group { + buf.append(&mut delete_users_in_group.describe_execute()); + } + buf.append(&mut fetch_nix.describe_revert()); buf } @@ -133,7 +185,14 @@ impl Action for ProvisionNix { errors.push(err) } - if let Err(err) = self.create_users_and_group.try_revert().await { + if let Some(delete_users_in_group) = &mut self.delete_users_in_group { + delete_users_in_group + .try_revert() + .await + .map_err(Self::error)?; + } + + if let Err(err) = self.create_group.try_revert().await { errors.push(err) } if let Err(err) = self.create_nix_tree.try_revert().await { diff --git a/src/action/mod.rs b/src/action/mod.rs index 04b4198..7c940d5 100644 --- a/src/action/mod.rs +++ b/src/action/mod.rs @@ -9,12 +9,12 @@ Base actions are things like: * [`CreateDirectory`](base::CreateDirectory) * [`CreateFile`](base::CreateFile) -* [`CreateUser`](base::CreateUser) +* [`CreateGroup`](base::CreateGroup) Composite actions are things like: * [`CreateNixTree`](common::CreateNixTree) -* [`CreateUsersAndGroups`](common::CreateUsersAndGroups) +* [`ConfigureShellProfile`](common::ConfigureShellProfile) During their `plan` phase, [`Planner`](crate::planner::Planner)s call an [`Action`]s `plan` function, which may accept any arguments. For example, several 'composite' actions accept a [`CommonSettings`](crate::settings::CommonSettings). Later, the diff --git a/src/settings.rs b/src/settings.rs index 6caa508..6d8ea68 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -70,19 +70,6 @@ pub struct CommonSettings { )] pub modify_profile: bool, - /// Number of build users to create - #[cfg_attr( - feature = "cli", - clap( - long, - default_value = "32", - alias = "daemon-user-count", - env = "NIX_INSTALLER_NIX_BUILD_USER_COUNT", - global = true - ) - )] - pub nix_build_user_count: u32, - /// The Nix build group name #[cfg_attr( feature = "cli", @@ -107,34 +94,6 @@ pub struct CommonSettings { )] pub nix_build_group_id: u32, - /// The Nix build user prefix (user numbers will be postfixed) - #[cfg_attr( - feature = "cli", - clap(long, env = "NIX_INSTALLER_NIX_BUILD_USER_PREFIX", global = true) - )] - #[cfg_attr( - all(target_os = "macos", feature = "cli"), - clap(default_value = "_nixbld") - )] - #[cfg_attr( - all(target_os = "linux", feature = "cli"), - clap(default_value = "nixbld") - )] - pub nix_build_user_prefix: String, - - /// The Nix build user base UID (ascending) - #[cfg_attr( - feature = "cli", - clap(long, env = "NIX_INSTALLER_NIX_BUILD_USER_ID_BASE", global = true) - )] - // Service users on Mac should be between 200-400 - #[cfg_attr(all(target_os = "macos", feature = "cli"), clap(default_value_t = 300))] - #[cfg_attr( - all(target_os = "linux", feature = "cli"), - clap(default_value_t = 30_000) - )] - pub nix_build_user_id_base: u32, - /// The Nix package URL #[cfg_attr( feature = "cli", @@ -230,42 +189,30 @@ impl CommonSettings { /// The default settings for the given Architecture & Operating System pub async fn default() -> Result { let url; - let nix_build_user_prefix; - let nix_build_user_id_base; use target_lexicon::{Architecture, OperatingSystem}; match (Architecture::host(), OperatingSystem::host()) { #[cfg(target_os = "linux")] (Architecture::X86_64, OperatingSystem::Linux) => { url = NIX_X64_64_LINUX_URL; - nix_build_user_prefix = "nixbld"; - nix_build_user_id_base = 30000; }, #[cfg(target_os = "linux")] (Architecture::X86_32(_), OperatingSystem::Linux) => { url = NIX_I686_LINUX_URL; - nix_build_user_prefix = "nixbld"; - nix_build_user_id_base = 30000; }, #[cfg(target_os = "linux")] (Architecture::Aarch64(_), OperatingSystem::Linux) => { url = NIX_AARCH64_LINUX_URL; - nix_build_user_prefix = "nixbld"; - nix_build_user_id_base = 30000; }, #[cfg(target_os = "macos")] (Architecture::X86_64, OperatingSystem::MacOSX { .. }) | (Architecture::X86_64, OperatingSystem::Darwin) => { url = NIX_X64_64_DARWIN_URL; - nix_build_user_prefix = "_nixbld"; - nix_build_user_id_base = 300; }, #[cfg(target_os = "macos")] (Architecture::Aarch64(_), OperatingSystem::MacOSX { .. }) | (Architecture::Aarch64(_), OperatingSystem::Darwin) => { url = NIX_AARCH64_DARWIN_URL; - nix_build_user_prefix = "_nixbld"; - nix_build_user_id_base = 300; }, _ => { return Err(InstallSettingsError::UnsupportedArchitecture( @@ -275,12 +222,9 @@ impl CommonSettings { }; Ok(Self { - nix_build_user_count: 32, modify_profile: true, nix_build_group_name: String::from("nixbld"), nix_build_group_id: 30_000, - nix_build_user_prefix: nix_build_user_prefix.to_string(), - nix_build_user_id_base, nix_package_url: url.parse()?, proxy: Default::default(), extra_conf: Default::default(), @@ -295,11 +239,8 @@ impl CommonSettings { pub fn settings(&self) -> Result, InstallSettingsError> { let Self { modify_profile, - nix_build_user_count, nix_build_group_name, nix_build_group_id, - nix_build_user_prefix, - nix_build_user_id_base, nix_package_url, proxy, extra_conf, @@ -314,10 +255,6 @@ impl CommonSettings { "modify_profile".into(), serde_json::to_value(modify_profile)?, ); - map.insert( - "nix_build_user_count".into(), - serde_json::to_value(nix_build_user_count)?, - ); map.insert( "nix_build_group_name".into(), serde_json::to_value(nix_build_group_name)?, @@ -326,14 +263,6 @@ impl CommonSettings { "nix_build_group_id".into(), serde_json::to_value(nix_build_group_id)?, ); - map.insert( - "nix_build_user_prefix".into(), - serde_json::to_value(nix_build_user_prefix)?, - ); - map.insert( - "nix_build_user_id_base".into(), - serde_json::to_value(nix_build_user_id_base)?, - ); map.insert( "nix_package_url".into(), serde_json::to_value(nix_package_url)?, diff --git a/tests/fixtures/linux/linux.json b/tests/fixtures/linux/linux.json index 98b388b..21b2505 100644 --- a/tests/fixtures/linux/linux.json +++ b/tests/fixtures/linux/linux.json @@ -17,637 +17,18 @@ "action": "provision_nix", "fetch_nix": { "action": { - "url": "https://releases.nixos.org/nix/nix-2.13.3/nix-2.13.3-x86_64-linux.tar.xz", - "dest": "/nix/temp-install-dir" + "url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-x86_64-linux.tar.xz", + "dest": "/nix/temp-install-dir", + "proxy": null, + "ssl_cert_file": null }, "state": "Uncompleted" }, - "create_users_and_group": { + "delete_users": [], + "create_group": { "action": { - "nix_build_user_count": 32, - "nix_build_group_name": "nixbld", - "nix_build_group_id": 30000, - "nix_build_user_prefix": "nixbld", - "nix_build_user_id_base": 30000, - "create_group": { - "action": { - "name": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - "create_users": [ - { - "action": { - "comment": "Nix build user 1", - "name": "nixbld1", - "uid": 30001, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 2", - "name": "nixbld2", - "uid": 30002, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 3", - "name": "nixbld3", - "uid": 30003, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 4", - "name": "nixbld4", - "uid": 30004, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 5", - "name": "nixbld5", - "uid": 30005, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 6", - "name": "nixbld6", - "uid": 30006, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 7", - "name": "nixbld7", - "uid": 30007, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 8", - "name": "nixbld8", - "uid": 30008, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 9", - "name": "nixbld9", - "uid": 30009, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 10", - "name": "nixbld10", - "uid": 30010, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 11", - "name": "nixbld11", - "uid": 30011, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 12", - "name": "nixbld12", - "uid": 30012, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 13", - "name": "nixbld13", - "uid": 30013, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 14", - "name": "nixbld14", - "uid": 30014, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 15", - "name": "nixbld15", - "uid": 30015, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 16", - "name": "nixbld16", - "uid": 30016, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 17", - "name": "nixbld17", - "uid": 30017, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 18", - "name": "nixbld18", - "uid": 30018, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 19", - "name": "nixbld19", - "uid": 30019, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 20", - "name": "nixbld20", - "uid": 30020, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 21", - "name": "nixbld21", - "uid": 30021, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 22", - "name": "nixbld22", - "uid": 30022, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 23", - "name": "nixbld23", - "uid": 30023, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 24", - "name": "nixbld24", - "uid": 30024, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 25", - "name": "nixbld25", - "uid": 30025, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 26", - "name": "nixbld26", - "uid": 30026, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 27", - "name": "nixbld27", - "uid": 30027, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 28", - "name": "nixbld28", - "uid": 30028, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 29", - "name": "nixbld29", - "uid": 30029, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 30", - "name": "nixbld30", - "uid": 30030, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 31", - "name": "nixbld31", - "uid": 30031, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 32", - "name": "nixbld32", - "uid": 30032, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - } - ], - "add_users_to_groups": [ - { - "action": { - "name": "nixbld1", - "uid": 30001, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld2", - "uid": 30002, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld3", - "uid": 30003, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld4", - "uid": 30004, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld5", - "uid": 30005, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld6", - "uid": 30006, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld7", - "uid": 30007, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld8", - "uid": 30008, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld9", - "uid": 30009, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld10", - "uid": 30010, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld11", - "uid": 30011, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld12", - "uid": 30012, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld13", - "uid": 30013, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld14", - "uid": 30014, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld15", - "uid": 30015, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld16", - "uid": 30016, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld17", - "uid": 30017, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld18", - "uid": 30018, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld19", - "uid": 30019, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld20", - "uid": 30020, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld21", - "uid": 30021, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld22", - "uid": 30022, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld23", - "uid": 30023, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld24", - "uid": 30024, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld25", - "uid": 30025, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld26", - "uid": 30026, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld27", - "uid": 30027, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld28", - "uid": 30028, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld29", - "uid": 30029, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld30", - "uid": 30030, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld31", - "uid": 30031, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld32", - "uid": 30032, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - } - ] + "name": "nixbld", + "gid": 30000 }, "state": "Uncompleted" }, @@ -657,7 +38,7 @@ { "action": { "path": "/nix/var", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -667,7 +48,7 @@ { "action": { "path": "/nix/var/log", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -677,7 +58,7 @@ { "action": { "path": "/nix/var/log/nix", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -687,7 +68,7 @@ { "action": { "path": "/nix/var/log/nix/drvs", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -697,7 +78,7 @@ { "action": { "path": "/nix/var/nix", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -707,7 +88,7 @@ { "action": { "path": "/nix/var/nix/db", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -717,7 +98,7 @@ { "action": { "path": "/nix/var/nix/gcroots", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -727,7 +108,7 @@ { "action": { "path": "/nix/var/nix/gcroots/per-user", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -737,7 +118,7 @@ { "action": { "path": "/nix/var/nix/profiles", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -747,7 +128,7 @@ { "action": { "path": "/nix/var/nix/profiles/per-user", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -757,7 +138,7 @@ { "action": { "path": "/nix/var/nix/temproots", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -767,7 +148,7 @@ { "action": { "path": "/nix/var/nix/userpool", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -777,7 +158,7 @@ { "action": { "path": "/nix/var/nix/daemon-socket", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -833,7 +214,18 @@ "/etc/zsh/zshrc" ] }, - "create_directories": [], + "create_directories": [ + { + "action": { + "path": "/usr/share/fish/vendor_conf.d", + "user": null, + "group": null, + "mode": 493, + "force_prune_on_revert": false + }, + "state": "Completed" + } + ], "create_or_insert_into_files": [ { "action": { @@ -859,7 +251,7 @@ }, { "action": { - "path": "/etc/zshenv", + "path": "/etc/bash.bashrc", "user": null, "group": null, "mode": 420, @@ -870,7 +262,7 @@ }, { "action": { - "path": "/etc/bash.bashrc", + "path": "/etc/zshrc", "user": null, "group": null, "mode": 420, @@ -878,6 +270,17 @@ "position": "Beginning" }, "state": "Uncompleted" + }, + { + "action": { + "path": "/usr/share/fish/vendor_conf.d/nix.fish", + "user": null, + "group": null, + "mode": 420, + "buf": "\n# Nix\nif test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish'\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish'\nend\n# End Nix\n\n", + "position": "Beginning" + }, + "state": "Uncompleted" } ] }, @@ -900,11 +303,12 @@ "path": "/etc/nix/nix.conf", "pending_nix_config": { "settings": { - "experimental-features": "nix-command flakes", - "auto-optimise-store": "true", - "extra-nix-path": "nixpkgs=flake:nixpkgs", + "experimental-features": "nix-command flakes auto-allocate-uids", "build-users-group": "nixbld", - "bash-prompt-prefix": "(nix:$name)\\040" + "auto-optimise-store": "true", + "bash-prompt-prefix": "(nix:$name)\\040", + "extra-nix-path": "nixpkgs=flake:nixpkgs", + "auto-allocate-uids": "true" } } }, @@ -920,7 +324,8 @@ "action": { "action": "configure_init_service", "init": "Systemd", - "start_daemon": true + "start_daemon": true, + "ssl_cert_file": null }, "state": "Uncompleted" }, @@ -936,12 +341,11 @@ "planner": "linux", "settings": { "modify_profile": true, - "nix_build_user_count": 32, "nix_build_group_name": "nixbld", "nix_build_group_id": 30000, - "nix_build_user_prefix": "nixbld", - "nix_build_user_id_base": 30000, - "nix_package_url": "https://releases.nixos.org/nix/nix-2.13.3/nix-2.13.3-x86_64-linux.tar.xz", + "nix_package_url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-x86_64-linux.tar.xz", + "proxy": null, + "ssl_cert_file": null, "extra_conf": [], "force": false, "diagnostic_endpoint": "https://install.determinate.systems/nix/diagnostic" @@ -956,10 +360,11 @@ "planner": "linux", "configured_settings": [], "os_name": "Ubuntu", - "os_version": "22.04.1 LTS (Jammy Jellyfish)", + "os_version": "22.04.2 LTS (Jammy Jellyfish)", "triple": "x86_64-unknown-linux-musl", "is_ci": false, "endpoint": "https://install.determinate.systems/nix/diagnostic", + "ssl_cert_file": null, "failure_chain": null } } \ No newline at end of file diff --git a/tests/fixtures/linux/steam-deck.json b/tests/fixtures/linux/steam-deck.json index 98c63cd..ac6b09b 100644 --- a/tests/fixtures/linux/steam-deck.json +++ b/tests/fixtures/linux/steam-deck.json @@ -61,637 +61,18 @@ "action": "provision_nix", "fetch_nix": { "action": { - "url": "https://releases.nixos.org/nix/nix-2.13.3/nix-2.13.3-x86_64-linux.tar.xz", - "dest": "/nix/temp-install-dir" + "url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-x86_64-linux.tar.xz", + "dest": "/nix/temp-install-dir", + "proxy": null, + "ssl_cert_file": null }, "state": "Uncompleted" }, - "create_users_and_group": { + "delete_users": [], + "create_group": { "action": { - "nix_build_user_count": 32, - "nix_build_group_name": "nixbld", - "nix_build_group_id": 30000, - "nix_build_user_prefix": "nixbld", - "nix_build_user_id_base": 30000, - "create_group": { - "action": { - "name": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - "create_users": [ - { - "action": { - "comment": "Nix build user 1", - "name": "nixbld1", - "uid": 30001, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 2", - "name": "nixbld2", - "uid": 30002, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 3", - "name": "nixbld3", - "uid": 30003, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 4", - "name": "nixbld4", - "uid": 30004, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 5", - "name": "nixbld5", - "uid": 30005, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 6", - "name": "nixbld6", - "uid": 30006, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 7", - "name": "nixbld7", - "uid": 30007, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 8", - "name": "nixbld8", - "uid": 30008, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 9", - "name": "nixbld9", - "uid": 30009, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 10", - "name": "nixbld10", - "uid": 30010, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 11", - "name": "nixbld11", - "uid": 30011, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 12", - "name": "nixbld12", - "uid": 30012, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 13", - "name": "nixbld13", - "uid": 30013, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 14", - "name": "nixbld14", - "uid": 30014, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 15", - "name": "nixbld15", - "uid": 30015, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 16", - "name": "nixbld16", - "uid": 30016, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 17", - "name": "nixbld17", - "uid": 30017, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 18", - "name": "nixbld18", - "uid": 30018, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 19", - "name": "nixbld19", - "uid": 30019, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 20", - "name": "nixbld20", - "uid": 30020, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 21", - "name": "nixbld21", - "uid": 30021, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 22", - "name": "nixbld22", - "uid": 30022, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 23", - "name": "nixbld23", - "uid": 30023, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 24", - "name": "nixbld24", - "uid": 30024, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 25", - "name": "nixbld25", - "uid": 30025, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 26", - "name": "nixbld26", - "uid": 30026, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 27", - "name": "nixbld27", - "uid": 30027, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 28", - "name": "nixbld28", - "uid": 30028, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 29", - "name": "nixbld29", - "uid": 30029, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 30", - "name": "nixbld30", - "uid": 30030, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 31", - "name": "nixbld31", - "uid": 30031, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 32", - "name": "nixbld32", - "uid": 30032, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - } - ], - "add_users_to_groups": [ - { - "action": { - "name": "nixbld1", - "uid": 30001, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld2", - "uid": 30002, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld3", - "uid": 30003, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld4", - "uid": 30004, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld5", - "uid": 30005, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld6", - "uid": 30006, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld7", - "uid": 30007, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld8", - "uid": 30008, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld9", - "uid": 30009, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld10", - "uid": 30010, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld11", - "uid": 30011, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld12", - "uid": 30012, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld13", - "uid": 30013, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld14", - "uid": 30014, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld15", - "uid": 30015, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld16", - "uid": 30016, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld17", - "uid": 30017, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld18", - "uid": 30018, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld19", - "uid": 30019, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld20", - "uid": 30020, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld21", - "uid": 30021, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld22", - "uid": 30022, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld23", - "uid": 30023, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld24", - "uid": 30024, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld25", - "uid": 30025, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld26", - "uid": 30026, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld27", - "uid": 30027, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld28", - "uid": 30028, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld29", - "uid": 30029, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld30", - "uid": 30030, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld31", - "uid": 30031, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "nixbld32", - "uid": 30032, - "groupname": "nixbld", - "gid": 30000 - }, - "state": "Uncompleted" - } - ] + "name": "nixbld", + "gid": 30000 }, "state": "Uncompleted" }, @@ -701,7 +82,7 @@ { "action": { "path": "/nix/var", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -711,7 +92,7 @@ { "action": { "path": "/nix/var/log", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -721,7 +102,7 @@ { "action": { "path": "/nix/var/log/nix", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -731,7 +112,7 @@ { "action": { "path": "/nix/var/log/nix/drvs", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -741,7 +122,7 @@ { "action": { "path": "/nix/var/nix", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -751,7 +132,7 @@ { "action": { "path": "/nix/var/nix/db", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -761,7 +142,7 @@ { "action": { "path": "/nix/var/nix/gcroots", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -771,7 +152,7 @@ { "action": { "path": "/nix/var/nix/gcroots/per-user", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -781,7 +162,7 @@ { "action": { "path": "/nix/var/nix/profiles", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -791,7 +172,7 @@ { "action": { "path": "/nix/var/nix/profiles/per-user", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -801,7 +182,7 @@ { "action": { "path": "/nix/var/nix/temproots", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -811,7 +192,7 @@ { "action": { "path": "/nix/var/nix/userpool", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -821,7 +202,7 @@ { "action": { "path": "/nix/var/nix/daemon-socket", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -902,7 +283,7 @@ }, { "action": { - "path": "/etc/zshenv", + "path": "/etc/bash.bashrc", "user": null, "group": null, "mode": 420, @@ -913,7 +294,7 @@ }, { "action": { - "path": "/etc/bash.bashrc", + "path": "/etc/zshrc", "user": null, "group": null, "mode": 420, @@ -943,11 +324,12 @@ "path": "/etc/nix/nix.conf", "pending_nix_config": { "settings": { - "experimental-features": "nix-command flakes", "auto-optimise-store": "true", + "bash-prompt-prefix": "(nix:$name)\\040", "build-users-group": "nixbld", + "experimental-features": "nix-command flakes auto-allocate-uids", "extra-nix-path": "nixpkgs=flake:nixpkgs", - "bash-prompt-prefix": "(nix:$name)\\040" + "auto-allocate-uids": "true" } } }, @@ -963,7 +345,8 @@ "action": { "action": "configure_init_service", "init": "Systemd", - "start_daemon": true + "start_daemon": true, + "ssl_cert_file": null }, "state": "Uncompleted" }, @@ -988,12 +371,11 @@ "persistence": "/home/nix", "settings": { "modify_profile": true, - "nix_build_user_count": 32, "nix_build_group_name": "nixbld", "nix_build_group_id": 30000, - "nix_build_user_prefix": "nixbld", - "nix_build_user_id_base": 30000, - "nix_package_url": "https://releases.nixos.org/nix/nix-2.13.3/nix-2.13.3-x86_64-linux.tar.xz", + "nix_package_url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-x86_64-linux.tar.xz", + "proxy": null, + "ssl_cert_file": null, "extra_conf": [], "force": false, "diagnostic_endpoint": "https://install.determinate.systems/nix/diagnostic" @@ -1004,10 +386,11 @@ "planner": "steam-deck", "configured_settings": [], "os_name": "Ubuntu", - "os_version": "22.04.1 LTS (Jammy Jellyfish)", + "os_version": "22.04.2 LTS (Jammy Jellyfish)", "triple": "x86_64-unknown-linux-musl", "is_ci": false, "endpoint": "https://install.determinate.systems/nix/diagnostic", + "ssl_cert_file": null, "failure_chain": null } } \ No newline at end of file diff --git a/tests/fixtures/macos/macos.json b/tests/fixtures/macos/macos.json index 7e7ee70..6c7ebad 100644 --- a/tests/fixtures/macos/macos.json +++ b/tests/fixtures/macos/macos.json @@ -4,10 +4,10 @@ { "action": { "action": "create_apfs_volume", - "disk": "disk1", + "disk": "disk3", "name": "Nix Store", "case_sensitive": false, - "encrypt": true, + "encrypt": false, "create_or_append_synthetic_conf": { "action": { "path": "/etc/synthetic.conf", @@ -25,14 +25,14 @@ }, "unmount_volume": { "action": { - "disk": "disk1", + "disk": "disk3", "name": "Nix Store" }, "state": "Uncompleted" }, "create_volume": { "action": { - "disk": "disk1", + "disk": "disk3", "name": "Nix Store", "case_sensitive": false }, @@ -45,13 +45,7 @@ }, "state": "Uncompleted" }, - "encrypt_volume": { - "action": { - "disk": "disk1", - "name": "Nix Store" - }, - "state": "Uncompleted" - }, + "encrypt_volume": null, "setup_volume_daemon": { "action": { "path": "/Library/LaunchDaemons/org.nixos.darwin-store.plist", @@ -92,637 +86,18 @@ "action": "provision_nix", "fetch_nix": { "action": { - "url": "https://releases.nixos.org/nix/nix-2.13.2/nix-2.13.2-x86_64-darwin.tar.xz", - "dest": "/nix/temp-install-dir" + "url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-aarch64-darwin.tar.xz", + "dest": "/nix/temp-install-dir", + "proxy": null, + "ssl_cert_file": null }, "state": "Uncompleted" }, - "create_users_and_group": { + "delete_users": [], + "create_group": { "action": { - "nix_build_user_count": 32, - "nix_build_group_name": "nixbld", - "nix_build_group_id": 3000, - "nix_build_user_prefix": "_nixbld", - "nix_build_user_id_base": 300, - "create_group": { - "action": { - "name": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - "create_users": [ - { - "action": { - "comment": "Nix build user 1", - "name": "_nixbld1", - "uid": 301, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 2", - "name": "_nixbld2", - "uid": 302, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 3", - "name": "_nixbld3", - "uid": 303, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 4", - "name": "_nixbld4", - "uid": 304, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 5", - "name": "_nixbld5", - "uid": 305, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 6", - "name": "_nixbld6", - "uid": 306, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 7", - "name": "_nixbld7", - "uid": 307, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 8", - "name": "_nixbld8", - "uid": 308, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 9", - "name": "_nixbld9", - "uid": 309, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 10", - "name": "_nixbld10", - "uid": 310, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 11", - "name": "_nixbld11", - "uid": 311, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 12", - "name": "_nixbld12", - "uid": 312, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 13", - "name": "_nixbld13", - "uid": 313, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 14", - "name": "_nixbld14", - "uid": 314, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 15", - "name": "_nixbld15", - "uid": 315, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 16", - "name": "_nixbld16", - "uid": 316, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 17", - "name": "_nixbld17", - "uid": 317, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 18", - "name": "_nixbld18", - "uid": 318, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 19", - "name": "_nixbld19", - "uid": 319, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 20", - "name": "_nixbld20", - "uid": 320, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 21", - "name": "_nixbld21", - "uid": 321, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 22", - "name": "_nixbld22", - "uid": 322, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 23", - "name": "_nixbld23", - "uid": 323, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 24", - "name": "_nixbld24", - "uid": 324, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 25", - "name": "_nixbld25", - "uid": 325, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 26", - "name": "_nixbld26", - "uid": 326, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 27", - "name": "_nixbld27", - "uid": 327, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 28", - "name": "_nixbld28", - "uid": 328, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 29", - "name": "_nixbld29", - "uid": 329, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 30", - "name": "_nixbld30", - "uid": 330, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 31", - "name": "_nixbld31", - "uid": 331, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "comment": "Nix build user 32", - "name": "_nixbld32", - "uid": 332, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - } - ], - "add_users_to_groups": [ - { - "action": { - "name": "_nixbld1", - "uid": 301, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld2", - "uid": 302, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld3", - "uid": 303, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld4", - "uid": 304, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld5", - "uid": 305, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld6", - "uid": 306, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld7", - "uid": 307, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld8", - "uid": 308, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld9", - "uid": 309, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld10", - "uid": 310, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld11", - "uid": 311, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld12", - "uid": 312, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld13", - "uid": 313, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld14", - "uid": 314, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld15", - "uid": 315, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld16", - "uid": 316, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld17", - "uid": 317, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld18", - "uid": 318, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld19", - "uid": 319, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld20", - "uid": 320, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld21", - "uid": 321, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld22", - "uid": 322, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld23", - "uid": 323, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld24", - "uid": 324, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld25", - "uid": 325, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld26", - "uid": 326, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld27", - "uid": 327, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld28", - "uid": 328, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld29", - "uid": 329, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld30", - "uid": 330, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld31", - "uid": 331, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - }, - { - "action": { - "name": "_nixbld32", - "uid": 332, - "groupname": "nixbld", - "gid": 3000 - }, - "state": "Uncompleted" - } - ] + "name": "nixbld", + "gid": 30000 }, "state": "Uncompleted" }, @@ -732,7 +107,7 @@ { "action": { "path": "/nix/var", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -742,7 +117,7 @@ { "action": { "path": "/nix/var/log", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -752,7 +127,7 @@ { "action": { "path": "/nix/var/log/nix", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -762,7 +137,7 @@ { "action": { "path": "/nix/var/log/nix/drvs", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -772,7 +147,7 @@ { "action": { "path": "/nix/var/nix", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -782,7 +157,7 @@ { "action": { "path": "/nix/var/nix/db", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -792,7 +167,7 @@ { "action": { "path": "/nix/var/nix/gcroots", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -802,7 +177,7 @@ { "action": { "path": "/nix/var/nix/gcroots/per-user", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -812,7 +187,7 @@ { "action": { "path": "/nix/var/nix/profiles", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -822,7 +197,7 @@ { "action": { "path": "/nix/var/nix/profiles/per-user", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -832,7 +207,7 @@ { "action": { "path": "/nix/var/nix/temproots", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -842,7 +217,7 @@ { "action": { "path": "/nix/var/nix/userpool", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -852,7 +227,7 @@ { "action": { "path": "/nix/var/nix/daemon-socket", - "user": null, + "user": "root", "group": null, "mode": 493, "force_prune_on_revert": false @@ -877,12 +252,6 @@ "action": "configure_nix", "setup_default_profile": { "action": { - "channels": [ - [ - "nixpkgs", - "https://nixos.org/channels/nixpkgs-unstable" - ] - ], "unpacked_path": "/nix/temp-install-dir" }, "state": "Uncompleted" @@ -921,18 +290,7 @@ "path": "/etc/bashrc", "user": null, "group": null, - "mode": 33060, - "buf": "\n# Nix\nif [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'\nfi\n# End Nix\n\n \n", - "position": "Beginning" - }, - "state": "Uncompleted" - }, - { - "action": { - "path": "/etc/zshenv", - "user": null, - "group": null, - "mode": 33060, + "mode": 420, "buf": "\n# Nix\nif [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'\nfi\n# End Nix\n\n \n", "position": "Beginning" }, @@ -943,7 +301,18 @@ "path": "/etc/bash.bashrc", "user": null, "group": null, - "mode": 33060, + "mode": 420, + "buf": "\n# Nix\nif [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'\nfi\n# End Nix\n\n \n", + "position": "Beginning" + }, + "state": "Uncompleted" + }, + { + "action": { + "path": "/etc/zshrc", + "user": null, + "group": null, + "mode": 420, "buf": "\n# Nix\nif [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'\nfi\n# End Nix\n\n \n", "position": "Beginning" }, @@ -970,10 +339,12 @@ "path": "/etc/nix/nix.conf", "pending_nix_config": { "settings": { - "bash-prompt-prefix": "(nix:$name)\\040", + "experimental-features": "nix-command flakes auto-allocate-uids", + "extra-nix-path": "nixpkgs=flake:nixpkgs", "auto-optimise-store": "true", "build-users-group": "nixbld", - "experimental-features": "nix-command flakes" + "bash-prompt-prefix": "(nix:$name)\\040", + "auto-allocate-uids": "true" } } }, @@ -989,7 +360,15 @@ "action": { "action": "configure_init_service", "init": "Launchd", - "start_daemon": true + "start_daemon": true, + "ssl_cert_file": null + }, + "state": "Uncompleted" + }, + { + "action": { + "action": "remove_directory", + "path": "/nix/temp-install-dir" }, "state": "Uncompleted" } @@ -997,25 +376,31 @@ "planner": { "planner": "macos", "settings": { - "channels": [ - [ - "nixpkgs", - "https://nixos.org/channels/nixpkgs-unstable" - ] - ], "modify_profile": true, - "nix_build_user_count": 32, "nix_build_group_name": "nixbld", - "nix_build_group_id": 3000, - "nix_build_user_prefix": "_nixbld", - "nix_build_user_id_base": 300, - "nix_package_url": "https://releases.nixos.org/nix/nix-2.13.2/nix-2.13.2-x86_64-darwin.tar.xz", + "nix_build_group_id": 30000, + "nix_package_url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-aarch64-darwin.tar.xz", + "proxy": null, + "ssl_cert_file": null, "extra_conf": [], - "force": false + "force": false, + "diagnostic_endpoint": "https://install.determinate.systems/nix/diagnostic" }, "encrypt": null, "case_sensitive": false, "volume_label": "Nix Store", - "root_disk": "disk1" + "root_disk": "disk3" + }, + "diagnostic_data": { + "version": "0.8.1-unreleased", + "planner": "macos", + "configured_settings": [], + "os_name": "unknown", + "os_version": "unknown", + "triple": "aarch64-apple-darwin", + "is_ci": false, + "endpoint": "https://install.determinate.systems/nix/diagnostic", + "ssl_cert_file": null, + "failure_chain": null } } \ No newline at end of file