nix: add sharefs supplementary group

This works around a vfs inode file attribute race.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2026-04-11 23:27:56 +09:00
parent 41aeb404ec
commit 28ebf973d6
2 changed files with 30 additions and 38 deletions


@@ -136,11 +136,12 @@ in
conf = { conf = {
inherit id; inherit id;
inherit (app) identity groups enablements; inherit (app) identity enablements;
inherit (dbusConfig) session_bus system_bus; inherit (dbusConfig) session_bus system_bus;
direct_wayland = app.insecureWayland; direct_wayland = app.insecureWayland;
sched_policy = app.schedPolicy; sched_policy = app.schedPolicy;
sched_priority = app.schedPriority; sched_priority = app.schedPriority;
groups = app.groups ++ optional (cfg.sharefs.source != null) cfg.sharefs.group;
container = { container = {
inherit (app) inherit (app)
@@ -357,29 +358,30 @@ in
users = mkMerge ( users = mkMerge (
foldlAttrs foldlAttrs
( (
acc: _: fid: acc: username: fid:
acc acc
++ foldlAttrs ( ++
acc': _: app: foldlAttrs
acc' ++ [ { ${getsubname fid app.identity} = getuser fid app.identity; } ] (
) [ { ${getsubname fid 0} = getuser fid 0; } ] cfg.apps acc': _: app:
) acc' ++ [ { ${getsubname fid app.identity} = getuser fid app.identity; } ]
( )
if (cfg.sharefs.source != null) then [
[ {
{ ${getsubname fid 0} = getuser fid 0;
${cfg.sharefs.user} = { ${username}.extraGroups = [ cfg.sharefs.group ];
uid = lib.mkDefault 1023; }
inherit (cfg.sharefs) group; ]
isSystemUser = true; cfg.apps
home = cfg.sharefs.source;
};
}
]
else
[ ]
) )
(optional (cfg.sharefs.source != null) {
${cfg.sharefs.user} = {
uid = lib.mkDefault 1023;
inherit (cfg.sharefs) group;
isSystemUser = true;
home = cfg.sharefs.source;
};
})
cfg.users cfg.users
); );
@@ -393,18 +395,11 @@ in
acc' ++ [ { ${getsubname fid app.identity} = getgroup fid app.identity; } ] acc' ++ [ { ${getsubname fid app.identity} = getgroup fid app.identity; } ]
) [ { ${getsubname fid 0} = getgroup fid 0; } ] cfg.apps ) [ { ${getsubname fid 0} = getgroup fid 0; } ] cfg.apps
) )
( (optional (cfg.sharefs.source != null) {
if (cfg.sharefs.source != null) then ${cfg.sharefs.group} = {
[ gid = lib.mkDefault 1023;
{ };
${cfg.sharefs.group} = { })
gid = lib.mkDefault 1023;
};
}
]
else
[ ]
)
cfg.users cfg.users
); );
}; };
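Review bot: The new `groups = app.groups ++ optional (cfg.sharefs.source != null) cfg.sharefs.group;` line in the first hunk gives every configured app the sharefs supplementary group whenever sharefs is enabled, and the second hunk adds the same group to every entry of `cfg.users` through `${username}.extraGroups`, so an app that was meant to stay isolated from the shared tree now carries a credential for it. What that membership can actually reach depends on the ownership and mode of `cfg.sharefs.source`, which is not visible in these hunks, so it should be checked against the intended isolation model; a per-app opt-out would keep the grant least-privilege. The reason for the grant lives only in the commit message, so a comment at that line would help, for example `# sharefs group: works around a vfs inode attribute race; grants group access to cfg.sharefs.source`. If an app already lists the group in `app.groups` the concatenation yields a duplicate entry, which de-duplicating the list (e.g. with `lib.unique`) would avoid. The enclosing module body starts and ends outside these hunks.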


@@ -8,10 +8,7 @@
description = "Alice Foobar"; description = "Alice Foobar";
password = "foobar"; password = "foobar";
uid = 1000; uid = 1000;
extraGroups = [ extraGroups = [ "wheel" ];
"wheel"
"sharefs"
];
}; };
untrusted = { untrusted = {
isNormalUser = true; isNormalUser = true;