From fb796e61e04b6e75f60e2f00043d3aece5c4692f Mon Sep 17 00:00:00 2001 From: Brian McKenna Date: Fri, 14 Apr 2023 09:18:27 +1000 Subject: [PATCH] pseudofile: allow setting uid and gid of files Necessary for Dropbear to accept non-root authorized_keys files. --- modules/users.nix | 1 + pkgs/pseudofile/default.nix | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/users.nix b/modules/users.nix index 35ed151..556e042 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -69,6 +69,7 @@ in { (name: val: dir { ".ssh" = dir { authorized_keys = { + inherit (val) uid gid; type = "f"; mode = "0400"; file = lib.concatStringsSep diff --git a/pkgs/pseudofile/default.nix b/pkgs/pseudofile/default.nix index 71b0c68..68a45fb 100644 --- a/pkgs/pseudofile/default.nix +++ b/pkgs/pseudofile/default.nix @@ -20,12 +20,14 @@ let , file ? null , major ? null , minor ? null + , uid ? 0 + , gid ? 0 }: let mode' = if mode != null then mode else (if type == "d" then "0755" else "0644"); pathname = "${prefix}/${filename}"; - line = "${pathname} ${type} ${mode'} 0 0"; + line = "${pathname} ${type} ${mode'} ${toString uid} ${toString gid}"; in if type == "f" then "${line} echo -n \"${qprint file}\" |qprint -d"