summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--doc/guix.texi10
-rw-r--r--gnu/system.scm2
-rw-r--r--gnu/system/examples/bare-bones.tmpl5
-rw-r--r--gnu/system/examples/desktop.tmpl5
-rw-r--r--gnu/system/shadow.scm11
5 files changed, 27 insertions, 6 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index cfb626c705..6507b9c436 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -4453,7 +4453,7 @@ A list of strings identifying devices to be used for ``swap space''
 (@pxref{Memory Concepts,,, libc, The GNU C Library Reference Manual}).
 For example, @code{'("/dev/sda3")}.
 
-@item @code{users} (default: @code{'()})
+@item @code{users} (default: @code{%base-user-accounts})
 @itemx @code{groups} (default: @var{%base-groups})
 List of user accounts and groups.  @xref{User Accounts}.
 
@@ -4832,6 +4832,14 @@ to be present on the system.  This includes groups such as ``root'',
 specific devices such as ``audio'', ``disk'', and ``cdrom''.
 @end defvr
 
+@defvr {Scheme Variable} %base-user-accounts
+This is the list of basic system accounts that programs may expect to
+find on a GNU/Linux system, such as the ``nobody'' account.
+
+Note that the ``root'' account is not included here.  It is a
+special-case and is automatically added whether or not it is specified.
+@end defvr
+
 @node Locales
 @subsection Locales
 
diff --git a/gnu/system.scm b/gnu/system.scm
index 79de80a3eb..c4a3bee0eb 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -119,7 +119,7 @@
                 (default '()))
 
   (users operating-system-users                   ; list of user accounts
-         (default '()))
+         (default %base-user-accounts))
   (groups operating-system-groups                 ; list of user groups
           (default %base-groups))
 
diff --git a/gnu/system/examples/bare-bones.tmpl b/gnu/system/examples/bare-bones.tmpl
index 8f4faca2d3..dc5cfc81a4 100644
--- a/gnu/system/examples/bare-bones.tmpl
+++ b/gnu/system/examples/bare-bones.tmpl
@@ -23,7 +23,7 @@
   ;; This is where user accounts are specified.  The "root"
   ;; account is implicit, and is initially created with the
   ;; empty password.
-  (users (list (user-account
+  (users (cons (user-account
                 (name "alice")
                 (comment "Bob's sister")
                 (group "users")
@@ -34,7 +34,8 @@
                 ;; and access the webcam.
                 (supplementary-groups '("wheel"
                                         "audio" "video"))
-                (home-directory "/home/alice"))))
+                (home-directory "/home/alice"))
+               %base-user-accounts))
 
   ;; Globally-installed packages.
   (packages (cons tcpdump %base-packages))
diff --git a/gnu/system/examples/desktop.tmpl b/gnu/system/examples/desktop.tmpl
index c78188eb61..988b8f937f 100644
--- a/gnu/system/examples/desktop.tmpl
+++ b/gnu/system/examples/desktop.tmpl
@@ -20,13 +20,14 @@
                         (type "ext4"))
                       %base-file-systems))
 
-  (users (list (user-account
+  (users (cons (user-account
                 (name "bob")
                 (comment "Alice's brother")
                 (group "users")
                 (supplementary-groups '("wheel" "netdev"
                                         "audio" "video"))
-                (home-directory "/home/bob"))))
+                (home-directory "/home/bob"))
+               %base-user-accounts))
 
   ;; Add Xfce and Ratpoison; that allows us to choose
   ;; sessions using either of these at the log-in screen.
diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm
index a778b87306..aa97652678 100644
--- a/gnu/system/shadow.scm
+++ b/gnu/system/shadow.scm
@@ -54,6 +54,7 @@
             default-skeletons
             skeleton-directory
             %base-groups
+            %base-user-accounts
             assert-valid-users/groups))
 
 ;;; Commentary:
@@ -113,6 +114,16 @@
           (system-group (name "tape"))
           (system-group (name "kvm")))))             ; for /dev/kvm
 
+(define %base-user-accounts
+  ;; List of standard user accounts.  Note that "root" is a special case, so
+  ;; it's not listed here.
+  (list (user-account
+         (name "nobody")
+         (uid 65534)
+         (group "nogroup")
+         (home-directory "/var/empty")
+         (system? #t))))
+
 (define (default-skeletons)
   "Return the default skeleton files for /etc/skel.  These files are copied by
 'useradd' in the home directory of newly created user accounts."