From a5bec764f720ff7bdeabfc18eadfc823eb823776 Mon Sep 17 00:00:00 2001 From: h7x4 Date: Sun, 7 Jun 2026 01:45:59 +0900 Subject: [PATCH] fixup! WIP: temmie/userweb: inject users from passwd into httpd sandbox --- flake.lock | 8 ++++---- hosts/temmie/services/userweb/default.nix | 8 +++----- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 080bcf5..93e18d1 100644 --- a/flake.lock +++ b/flake.lock @@ -337,11 +337,11 @@ ] }, "locked": { - "lastModified": 1780062186, - "narHash": "sha256-FSkwKO/56i9RddwSydK804fSnIvbczBnFJgr2/m+F9U=", + "lastModified": 1780764154, + "narHash": "sha256-Xvf9aBNLYDnbDKdtFjp5GEA/rZwVczHZWbJ0hac8Vv4=", "ref": "main", - "rev": "db2b19f144af046161b7f9ca69ddaf3f06fcceea", - "revCount": 13, + "rev": "8b4541be73ee3bd6c60525b2f42605efe89398c9", + "revCount": 14, "type": "git", "url": "https://git.pvv.ntnu.no/Projects/passwd2systemd-users.git" }, diff --git a/hosts/temmie/services/userweb/default.nix b/hosts/temmie/services/userweb/default.nix index 8199bab..3f15bc4 100644 --- a/hosts/temmie/services/userweb/default.nix +++ b/hosts/temmie/services/userweb/default.nix @@ -312,13 +312,11 @@ in group-file = "/run/httpd/pamunix-sync/group"; output-dir = "/run/httpd/systemd-userdb"; shadow-file = pkgs.emptyFile; - email-domain = "pvv.ntnu.no"; + + output-passwd = true; + ignore-user-file = toString ./ignore_user_file.txt; ignore-group-file = toString ./ignore_group_file.txt; - set-default-umask = "0077"; - set-default-mount-no-devices = "true"; - set-default-mount-no-suid = "true"; - set-default-mount-no-execute = "false"; }; in ''${lib.getExe pkgs.passwd2systemd-users} ${args}'') "${lib.getExe' pkgs.coreutils "shred"} -u /run/httpd/pamunix-sync/passwd /run/httpd/pamunix-sync/group"