diff --git a/nixos/modules/services/hardware/pcscd.nix b/nixos/modules/services/hardware/pcscd.nix index 54b6693f85a0..59c12ee12ca5 100644 --- a/nixos/modules/services/hardware/pcscd.nix +++ b/nixos/modules/services/hardware/pcscd.nix @@ -57,6 +57,16 @@ in systemd.services.pcscd = { environment.PCSCLITE_HP_DROPDIR = pluginEnv; restartTriggers = [ "/etc/reader.conf" ]; + + # If the cfgFile is empty and not specified (in which case the default + # /etc/reader.conf is assumed), pcscd will happily start going through the + # entire confdir (/etc in our case) looking for a config file and try to + # parse everything it finds. Doesn't take a lot of imagination to see how + # well that works. It really shouldn't do that to begin with, but to work + # around it, we force the path to the cfgFile. + # + # https://github.com/NixOS/nixpkgs/issues/121088 + serviceConfig.ExecStart = [ "" "${getBin pkgs.pcsclite}/bin/pcscd -f -x -c ${cfgFile}" ]; }; }; }