Open YaroKasear opened 2 months ago
I would like to have better documentation for this for sure. Currently there aren't any generated module docs.
I'm not sure whether I want to disable wheel-by-default. The intention with having it enabled out of the box is to help users avoid accidentally creating a system without sudo access. I'll give this some thought.
For your use, you can set admin = false
on the user to ensure they are a normal user or set create = false
to disable Snowfall Lib's user management entirely.
I'm not sure whether I want to disable wheel-by-default. The intention with having it enabled out of the box is to help users avoid accidentally creating a system without sudo access. I'll give this some thought.
Maybe I'm not reading it right, but nixpkgs itself already seems to have a check against locking a user out of the system. Not a full on sudo check, but it makes sure either root or a wheel user has a password.
At the very least it might be wise to give a heads up that snowfall-lib makes users wheel-by-default because I can see people deploying NixOS using snowfall-lib without knowing about this and inadvertently making users they don't intend to have access to privileged stuff exactly that.
For your use, you can set
admin = false
on the user to ensure they are a normal user or setcreate = false
to disable Snowfall Lib's user management entirely.
Yep, currently I disabled it for the affected user. I might do the latter once I look at the rest of the user module and conclude I won't use it.
i'm currently trying to disable the wheel group for a user, but i can't seem to be able to, even though i have
snowfallorg.users.deck = {
admin = false;
};
in my flake.nix, the deck user still is in the wheel group, even after i manually remove the user from the group, so i really don't know what's going wrong here . the user is defined as
users.users.deck = {
isNormalUser = true;
description = "Deck User";
extraGroups = [ "networkmanager" "gamemode" ];
};
I just solved a mystery that's been plaguing me for a little while: For some reason a user I don't want to be an admin was being put in the wheel group despite that not being set in extraGroups... and I discovered snowfall-lib has a module for users (That I don't see in the documentation.) that defaults users to admins and puts them into wheel.
May I make a couple suggestions?