nixos/update-users-groups: add support for account expiry #246772
Conversation
Introduce a `users.users.<name>.expires` option to allows setting an expiry date to user accounts. This is useful when members should gain temporary access and you don't want to have to roll out another system update to disable them.
github-actions
bot
added
6.topic: nixos
|
@ofborg test user-expiry |
ofborg
bot
added
10.rebuild-darwin: 1-10
10.rebuild-darwin: 1
10.rebuild-linux: 1-10
labels
|
thanks, looks good to go to me. |
figsoda
added
the
12.approvals: 1
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/prs-already-reviewed/2617/1071 |
|
This breaks cross-compiled NixOS because |
|
I will be going on holidays soon so apologies for not being able to deal with this, @lopsided98 how much realistic do you believe it is to fix the issue? Does it fail cross compilation on all targets or only armv7l? |
|
It should fail on all targets, since it has something to do with the use of miniperl when cross-compiling. Personally, I have observed the failure on armv5tel, armv6l and armv7l. |
|
A commenter here reports it broken cross-compiling for |
|
I think we can use I'll test this and make a PR. |
Since #246772, cross compiled NixOS is broken because the DateTime perl package that was used in the update-users-groups.pl script depends on Testutf8 which does not cross compile (see #198548). This PR drops the DateTime dependency in favour of TimePiece, which has less dependencies and whose closure does cross compile.
Description of changes
Complete #203792 by adding a NixOS test and fixing the perl script so that it also works for newly created users.
Original PR description:
Add users.users..expires. This allows giving temporary access to a user to a machine, and not have
to remember to remove it afterwards.
Ping: @zimbatm @RaitoBezarius