bernardo/Nomarchy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(sddm): default autoLogin off, not on with hardcoded "nomarchy"

Browse Source 
`themes/engine/sddm.nix` defaulted `services.displayManager.autoLogin`
to `enable = true; user = "nomarchy";` (both mkDefault). The installer
flow overrode both with the real username at normal priority, so this
was invisible there — but a hand-migrated user (per docs/MIGRATION.md)
who imported `nomarchy.nixosModules.system` without setting
`autoLogin.user` would auto-login as a nonexistent "nomarchy" user and
SDDM would error. `docs/MIGRATION.md` even documented the override as a
post-import chore.

Flipped the default to `enable = lib.mkDefault false`. Installer
generates `enable = true` directly so its flow is unchanged. Migration
flow now gets the safe default — opt-in instead of opt-out — and the
docs row is updated to reflect the new shape.

The hardcoded "nomarchy" username fallback for `autoLogin.user` is the
same class of bug as the impermanence persistence block was. A future
roadmap row to consolidate "primary user" across impermanence,
autoLogin, and any future modules might be worthwhile, but it's
deferred — this commit is the immediate fix.

Found during Pillar 8 audit of first-boot UX.
This commit is contained in:
Bernardo Magri
2026-05-19 18:46:41 +01:00
parent 6e0d17b859
commit 95101fda3f
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/MIGRATION.md
View File

@@ -210,7 +210,7 @@ and it's whichever has higher Nix priority. Fix these explicitly:
| Graphics | `hardware.graphics.enable = true` (was `hardware.opengl`) | Probably already enabled — fine | | Graphics | `hardware.graphics.enable = true` (was `hardware.opengl`) | Probably already enabled — fine |
| User groups | needs `video render networkmanager` | Add to your `users.users.<user>.extraGroups` | | User groups | needs `video render networkmanager` | Add to your `users.users.<user>.extraGroups` |
| `/etc/os-release` | `ID=nomarchy`, `NAME=Nomarchy` | A few third-party scripts grep `ID=nixos` — adjust them or rely on `ID_LIKE` (TBD) | | `/etc/os-release` | `ID=nomarchy`, `NAME=Nomarchy` | A few third-party scripts grep `ID=nixos` — adjust them or rely on `ID_LIKE` (TBD) |
| autoLogin | `enable = true; user = "nomarchy";` (mkDefault) | Override with `services.displayManager.autoLogin.user = "<your user>"` or disable | | autoLogin | `enable = false; user = "nomarchy";` (mkDefault) | Off by default — opt in with `services.displayManager.autoLogin = { enable = true; user = "<your user>"; };` if you want it |
Impermanence is **off** unless you set `nomarchy.system.impermanence.enable = true`, Impermanence is **off** unless you set `nomarchy.system.impermanence.enable = true`,
and it requires a BTRFS layout with a `root-blank` snapshot. Don't enable it and it requires a BTRFS layout with a `root-blank` snapshot. Don't enable it

6
themes/engine/sddm.nix
View File

@@ -27,8 +27,12 @@ in
services.displayManager.defaultSession = lib.mkDefault "hyprland-uwsm"; services.displayManager.defaultSession = lib.mkDefault "hyprland-uwsm";
# autoLogin defaults off so hand-migrated configs (no installer-written
# username) don't try to log in as a nonexistent "nomarchy" user. The
# installer-generated system.nix sets both `enable = true;` and
# `user = "$USERNAME";` at normal priority, overriding these defaults.
services.displayManager.autoLogin = { services.displayManager.autoLogin = {
enable = lib.mkDefault true; enable = lib.mkDefault false;
user = lib.mkDefault "nomarchy"; user = lib.mkDefault "nomarchy";
}; };