ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-12-27 05:43:50 +03:00
Code Issues Projects Releases Wiki Activity

nixos/dhcpd: Add the ability to drop privileges

Browse Source
This commit is contained in:
William A. Kennington III 2014-06-24 17:09:27 -05:00
parent 56228e5614
commit 4fbf120e84
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
nixos/modules/services/networking/dhcpd.nix
View File

@ -66,6 +66,24 @@ in
"; ";
}; };
user = mkOption {
default = "nobody";
type = types.nullOr types.str;
description = ''
The user to drop privileges to after the daemon has started.
A value of null disables the user privilege change.
'';
};
group = mkOption {
default = "nogroup";
type = types.nullOr types.str;
description = ''
The group to drop privileges to after the daemon has started.
A value of null disables the group privilege change.
'';
};
configFile = mkOption { configFile = mkOption {
default = null; default = null;
description = " description = "
@ -120,8 +138,10 @@ in
touch ${stateDir}/dhcpd.leases touch ${stateDir}/dhcpd.leases
exec ${pkgs.dhcp}/sbin/dhcpd -f -cf ${configFile} \ exec ${pkgs.dhcp}/sbin/dhcpd -f --no-pid -cf ${configFile} \
-lf ${stateDir}/dhcpd.leases \ -lf ${stateDir}/dhcpd.leases \
${optionalString (cfg.user != null) "-user ${cfg.user}"} \
${optionalString (cfg.group != null) "-group ${cfg.group}"} \
${toString cfg.interfaces} ${toString cfg.interfaces}
''; '';
}; };