Merge pull request #328653 from arianvp/later-wrappers

nixos/wrappers: use normal mount for /run/wrappers
2024-10-06 04:27:27 +03:00 · 2024-07-20 16:25:47 +02:00 · 2024-07-20 16:25:47 +02:00 · 94aa31c552
commit 94aa31c552
parent 28555fca2a 8afba669e2
1 changed files with 11 additions and 5 deletions
--- a/nixos/modules/security/wrappers/default.nix
+++ b/nixos/modules/security/wrappers/default.nix
@ -255,11 +255,6 @@ in
        umount = mkSetuidRoot "${lib.getBin pkgs.util-linux}/bin/umount";
      };

-    boot.specialFileSystems.${parentWrapperDir} = {
-      fsType = "tmpfs";
-      options = [ "nodev" "mode=755" "size=${config.security.wrapperDirSize}" ];
-    };
-
    # Make sure our wrapperDir exports to the PATH env variable when
    # initializing the shell
    environment.extraInit = ''
@ -275,6 +270,17 @@ in
      mrpx ${wrap.source},
    '') wrappers;

+    systemd.mounts = [{
+      where = parentWrapperDir;
+      what = "tmpfs";
+      type = "tmpfs";
+      options = lib.concatStringsSep "," ([
+        "nodev"
+        "mode=755"
+        "size=${config.security.wrapperDirSize}"
+      ]);
+    }];
+
    systemd.services.suid-sgid-wrappers = {
      description = "Create SUID/SGID Wrappers";
      wantedBy = [ "sysinit.target" ];