mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-11-11 04:02:55 +03:00
Merge pull request #249323 from kevincox/photoprism-chmod
nixos.photoprism: Relax sandbox to allow running exiftool
This commit is contained in:
commit
96481fd201
@ -123,7 +123,7 @@ in
|
|||||||
RestrictNamespaces = true;
|
RestrictNamespaces = true;
|
||||||
RestrictRealtime = true;
|
RestrictRealtime = true;
|
||||||
SystemCallArchitectures = "native";
|
SystemCallArchitectures = "native";
|
||||||
SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
|
SystemCallFilter = [ "@system-service" "~@setuid @keyring" ];
|
||||||
UMask = "0066";
|
UMask = "0066";
|
||||||
} // lib.optionalAttrs (cfg.port < 1024) {
|
} // lib.optionalAttrs (cfg.port < 1024) {
|
||||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||||
|
Loading…
Reference in New Issue
Block a user