WIP: Avoid using integer identifiers in install script

scripts/install-darwin-multi-user.sh

@@ -60,26 +60,25 @@ poly_group_exists() {
     /usr/bin/dscl . -read "/Groups/$1" > /dev/null 2>&1
 }
 
-poly_group_id_get() {
-    dsclattr "/Groups/$1" "PrimaryGroupID"
-}
-
 poly_create_build_group() {
+    last_gid=$(/usr/bin/dscl . -list /Groups PrimaryGroupID | awk '{print $2}' | sort -ug | tail -1)
+
+    if [ -z "$last_gid" ]; then
+        # Something bad has happened; try to recover
+        last_gid=29999
+    fi
+
     _sudo "Create the Nix build group, $NIX_BUILD_GROUP_NAME" \
           /usr/sbin/dseditgroup -o create \
           -r "Nix build group for nix-daemon" \
-          -i "$NIX_BUILD_GROUP_ID" \
+          -i "$(($last_gid+1))" \
           "$NIX_BUILD_GROUP_NAME" >&2
 }
 
 poly_user_exists() {
     /usr/bin/dscl . -read "/Users/$1" > /dev/null 2>&1
 }
 
-poly_user_id_get() {
-    dsclattr "/Users/$1" "UniqueID"
-}
-
 poly_user_hidden_get() {
     dsclattr "/Users/$1" "IsHidden"
 }
@@ -131,21 +130,18 @@ poly_user_in_group_set() {
           -a "$username" "$group"
 }
 
-poly_user_primary_group_get() {
-    dsclattr "/Users/$1" "PrimaryGroupID"
-}
-
-poly_user_primary_group_set() {
-    _sudo "to let the nix daemon use this user for builds (this might seem redundant, but there are two concepts of group membership)" \
-          /usr/bin/dscl . -create "/Users/$1" "PrimaryGroupID" "$2"
-}
-
 poly_create_build_user() {
     username=$1
-    uid=$2
-    builder_num=$3
+    builder_num=$2
+
+    last_uid="$(/usr/bin/dscl . -list /Users UniqueID | awk '{print $2}' | sort -ug | tail -1)"
+
+    if [ -z "$last_uid" ]; then
+        # Something bad has happened in finding uid, try to recover
+        last_uid=30000
+    fi
 
     _sudo "Creating the Nix build user (#$builder_num), $username" \
           /usr/bin/dscl . create "/Users/$username" \
-          UniqueID "${uid}"
+          UniqueID "$(($last_uid+1))"
 }

scripts/install-multi-user.sh

@@ -23,9 +23,7 @@ readonly RED='\033[31m'
 # installer allows overriding build user count to speed up installation
 # as creating each user takes non-trivial amount of time on macos
 readonly NIX_USER_COUNT=${NIX_USER_COUNT:-32}
-readonly NIX_BUILD_GROUP_ID="30000"
 readonly NIX_BUILD_GROUP_NAME="nixbld"
-readonly NIX_FIRST_BUILD_UID="30001"
 # Please don't change this. We don't support it, because the
 # default shell profile that comes with Nix doesn't support it.
 readonly NIX_ROOT="/nix"
@@ -107,10 +105,6 @@ nix_user_for_core() {
     printf "nixbld%d" "$1"
 }
 
-nix_uid_for_core() {
-    echo $((NIX_FIRST_BUILD_UID + $1 - 1))
-}
-
 _textout() {
     echo -en "$1"
     shift
@@ -315,17 +309,16 @@ setup_report() {
     row "        Temp Dir" "$SCRATCH"
     row "        Nix Root" "$NIX_ROOT"
     row "     Build Users" "$NIX_USER_COUNT"
-    row "  Build Group ID" "$NIX_BUILD_GROUP_ID"
     row "Build Group Name" "$NIX_BUILD_GROUP_NAME"
     if [ "${ALLOW_PREEXISTING_INSTALLATION:-}" != "" ]; then
         row "Preexisting Install" "Allowed"
     fi
 
     subheader "build users:"
 
-    row "    Username" "UID"
+    row "    Username"
     for i in $(seq 1 "$NIX_USER_COUNT"); do
-        row "     $(nix_user_for_core "$i")" "$(nix_uid_for_core "$i")"
+        row "     $(nix_user_for_core "$i")"
     done
     echo ""
 }
@@ -338,53 +331,24 @@ create_build_group() {
         poly_create_build_group
         row "            Created" "Yes"
     else
-        primary_group_id=$(poly_group_id_get "$NIX_BUILD_GROUP_NAME")
-        if [ "$primary_group_id" -ne "$NIX_BUILD_GROUP_ID" ]; then
-            failure <<EOF
-It seems the build group $NIX_BUILD_GROUP_NAME already exists, but
-with the UID $primary_group_id. This script can't really handle
-that right now, so I'm going to give up.
-
-You can fix this by editing this script and changing the
-NIX_BUILD_GROUP_ID variable near the top to from $NIX_BUILD_GROUP_ID
-to $primary_group_id and re-run.
-EOF
-        else
-            row "            Exists" "Yes"
-        fi
+        row "            Exists" "Yes"
     fi
 }
 
 create_build_user_for_core() {
     local coreid
     local username
-    local uid
 
     coreid="$1"
     username=$(nix_user_for_core "$coreid")
-    uid=$(nix_uid_for_core "$coreid")
 
     task "Setting up the build user $username"
 
     if ! poly_user_exists "$username"; then
-        poly_create_build_user "$username" "$uid" "$coreid"
+        poly_create_build_user "$username" "$coreid"
         row "           Created" "Yes"
     else
-        actual_uid=$(poly_user_id_get "$username")
-        if [ "$actual_uid" != "$uid" ]; then
-            failure <<EOF
-It seems the build user $username already exists, but with the UID
-with the UID '$actual_uid'. This script can't really handle that right
-now, so I'm going to give up.
-
-If you already created the users and you know they start from
-$actual_uid and go up from there, you can edit this script and change
-NIX_FIRST_BUILD_UID near the top of the file to $actual_uid and try
-again.
-EOF
-        else
-            row "            Exists" "Yes"
-        fi
+        row "            Exists" "Yes"
     fi
 
     if [ "$(poly_user_hidden_get "$username")" = "1" ]; then
@@ -425,13 +389,6 @@ EOF
         poly_user_in_group_set "$username" "$NIX_BUILD_GROUP_NAME"
         row "  Member of $NIX_BUILD_GROUP_NAME" "Yes"
     fi
-
-    if [ "$(poly_user_primary_group_get "$username")" = "$NIX_BUILD_GROUP_ID" ]; then
-        row "    PrimaryGroupID" "$NIX_BUILD_GROUP_ID"
-    else
-        poly_user_primary_group_set "$username" "$NIX_BUILD_GROUP_ID"
-        row "    PrimaryGroupID" "$NIX_BUILD_GROUP_ID"
-    fi
 }
 
 create_build_users() {

scripts/install-systemd-multi-user.sh

@@ -117,24 +117,15 @@ poly_group_exists() {
     getent group "$1" > /dev/null 2>&1
 }
 
-poly_group_id_get() {
-    getent group "$1" | cut -d: -f3
-}
-
 poly_create_build_group() {
     _sudo "Create the Nix build group, $NIX_BUILD_GROUP_NAME" \
-          groupadd -g "$NIX_BUILD_GROUP_ID" --system \
-          "$NIX_BUILD_GROUP_NAME" >&2
+          groupadd --system "$NIX_BUILD_GROUP_NAME" >&2
 }
 
 poly_user_exists() {
     getent passwd "$1" > /dev/null 2>&1
 }
 
-poly_user_id_get() {
-    getent passwd "$1" | cut -d: -f3
-}
-
 poly_user_hidden_get() {
     echo "1"
 }
@@ -179,31 +170,18 @@ poly_user_in_group_set() {
           usermod --append --groups "$2" "$1"
 }
 
-poly_user_primary_group_get() {
-    getent passwd "$1" | cut -d: -f4
-}
-
-poly_user_primary_group_set() {
-    _sudo "to let the nix daemon use this user for builds (this might seem redundant, but there are two concepts of group membership)" \
-          usermod --gid "$2" "$1"
-
-}
-
 poly_create_build_user() {
     username=$1
-    uid=$2
-    builder_num=$3
+    builder_num=$2
 
     _sudo "Creating the Nix build user, $username" \
           useradd \
           --home-dir /var/empty \
           --comment "Nix build user $builder_num" \
-          --gid "$NIX_BUILD_GROUP_ID" \
-          --groups "$NIX_BUILD_GROUP_NAME" \
+          --gid "$NIX_BUILD_GROUP_NAME" \
           --no-user-group \
           --system \
           --shell /sbin/nologin \
-          --uid "$uid" \
           --password "!" \
           "$username"
 }