summary refs log tree commit diff
path: root/nixos/modules/config
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2013-11-01 14:50:24 +0100
committerEelco Dolstra <eelco.dolstra@logicblox.com>2013-11-01 15:04:21 +0100
commit20093751ec96b43d87f0850fc3ad541237405564 (patch)
tree5ee3c0083d75804a8aad42d3cb64d1b78b41964d /nixos/modules/config
parent4ba7dfde5b79ec835e8739922400b3f5f4f089f2 (diff)
downloadnixlib-20093751ec96b43d87f0850fc3ad541237405564.tar
nixlib-20093751ec96b43d87f0850fc3ad541237405564.tar.gz
nixlib-20093751ec96b43d87f0850fc3ad541237405564.tar.bz2
nixlib-20093751ec96b43d87f0850fc3ad541237405564.tar.lz
nixlib-20093751ec96b43d87f0850fc3ad541237405564.tar.xz
nixlib-20093751ec96b43d87f0850fc3ad541237405564.tar.zst
nixlib-20093751ec96b43d87f0850fc3ad541237405564.zip
Print a reminder to users to set or disable the root password
Diffstat (limited to 'nixos/modules/config')
-rw-r--r--nixos/modules/config/users-groups.nix16


1 files changed, 16 insertions, 0 deletions
diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix
index 79570fc25713..714de646eb7a 100644
--- a/nixos/modules/config/users-groups.nix
+++ b/nixos/modules/config/users-groups.nix
@@ -258,6 +258,22 @@ in
         fi
       '';
 
+    # Print a reminder for users to set a root password.
+    environment.interactiveShellInit =
+      ''
+        if [ "$UID" = 0 ]; then
+            read _l < /etc/shadow
+            if [ "''${_l:0:6}" = root:: ]; then
+                cat >&2 <<EOF
+        Warning: Your root account has a null password, allowing local users
+        to login as root.  Please set a non-null password using \`passwd', or
+        disable password-based root logins using \`passwd -l'.
+        EOF
+            fi
+            unset _l
+        fi
+      '';
+
     system.activationScripts.users = stringAfter [ "groups" ]
       ''
         echo "updating users..."

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-15 12:05:46 +0000