ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-11-11 15:27:20 +03:00
Code Issues Projects Releases Wiki Activity

cjdns service: allow writing keys to /etc

Browse Source 
20e81f7c0d prevented key generation in
`preStart`, leaving the service broken for the case where the user has
no pre-existing key.

Eventually, we ought to store the state elsewhere so that `/etc` can be
read-only but for now we fix this the easy way.
This commit is contained in:
Joachim Fasting 2017-02-05 04:42:16 +01:00
parent f9c684e152
commit a0338afe5f
No known key found for this signature in database
GPG Key ID: 7544761007FE4E08
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/services/networking/cjdns.nix
View File

@ -260,7 +260,7 @@ in
RestartSec = 1;
CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_RAW";
AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_RAW";
ProtectSystem = "full";
ProtectSystem = true;
MemoryDenyWriteExecute = true;
ProtectHome = true;
PrivateTmp = true;