nixos/google_oslogin: run as root

This is needed in order to read the files in /var/google-users.d, as the program sets the permissions to 750 and the user and group to root. See: https://github.com/GoogleCloudPlatform/guest-oslogin/blob/20250821.00/src/oslogin_utils.cc#L1337-L1338
2025-09-21 14:57:04 -04:00
parent 1d4e4fe41f
commit b385068794
1 changed files with 1 additions and 1 deletions
--- a/nixos/modules/security/google_oslogin.nix
+++ b/nixos/modules/security/google_oslogin.nix
@@ -77,7 +77,7 @@ in
      '';
    };
    services.openssh.authorizedKeysCommand = "/etc/ssh/authorized_keys_command_google_oslogin %u";
-    services.openssh.authorizedKeysCommandUser = "nobody";
+    services.openssh.authorizedKeysCommandUser = "root";
  };

 }