diff options
Diffstat (limited to 'nixos/modules/config/users-groups.nix')
| -rw-r--r-- | nixos/modules/config/users-groups.nix | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index d88162558e66..8e2db9107a11 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -123,7 +123,7 @@ let group = mkOption { type = types.str; apply = x: assert (builtins.stringLength x < 32 || abort "Group name '${x}' is longer than 31 characters which is not allowed!"); x; - default = "nogroup"; + default = ""; description = "The user's primary group."; }; @@ -640,6 +640,16 @@ in { Exactly one of users.users.${user.name}.isSystemUser and users.users.${user.name}.isNormalUser must be set. ''; } + { + assertion = user.group != ""; + message = '' + users.users.${user.name}.group is unset. This used to default to + nogroup, but this is unsafe. For example you can create a group + for this user with: + users.users.${user.name}.group = "${user.name}"; + users.groups.${user.name} = {}; + ''; + } ] )); |