nixos/ids: Link to RFC #52 and explain that static IDs are not allowed.

NixOS · Dec 23, 2024 · 4971ed0 · 4971ed0
1 parent 218901b
commit 4971ed0
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 6 deletions.
diff --git a/ci/OWNERS b/ci/OWNERS
@@ -102,6 +102,7 @@ nixos/modules/installer/tools/nix-fallback-paths.nix  @NixOS/nix-team @raitobeza
 /nixos/default.nix                                    @infinisil
 /nixos/lib/from-env.nix                               @infinisil
 /nixos/lib/eval-config.nix                            @infinisil
+/nixos/modules/misc/ids.nix                           @R-VdP
 /nixos/modules/system/activation/bootspec.nix         @grahamc @cole-h @raitobezarius
 /nixos/modules/system/activation/bootspec.cue         @grahamc @cole-h @raitobezarius
 

diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
@@ -2,12 +2,15 @@
 # central list to prevent id collisions.
 
 # IMPORTANT!
-# We only add static uids and gids for services where it is not feasible
-# to change uids/gids on service start, for example a service with a lot of
-# files. Please also check if the service is applicable for systemd's
-# DynamicUser option and does not need a uid/gid allocation at all.
-# Systemd can also change ownership of service directories using the
-# RuntimeDirectory/StateDirectory options.
+#
+# https://github.com/NixOS/rfcs/blob/master/rfcs/0052-dynamic-ids.md
+#
+# Use of static ids is deprecated within NixOS. Dynamic allocation is
+# required, barring special circumstacnes. Please check if the service
+# is applicable for systemd's DynamicUser option and does not need a
+# uid/gid allocation at all.  Systemd can also change ownership of
+# service directories using the RuntimeDirectory/StateDirectory
+# options.
 
 { lib, ... }: