summary refs log tree commit diff
diff options
context:
space:
mode:
authorworldofpeace <worldofpeace@protonmail.ch>2019-09-08 05:03:46 -0400
committerworldofpeace <worldofpeace@protonmail.ch>2019-09-08 07:02:58 -0400
commit92740dd4a81e0f2ef3c185e66809e3fca5132f0d (patch)
tree76f2cf45174c1d5ccc84628751482a3c67b61eb3
parentab48ede4c3f5a90f6229e84fdc471d12369407b7 (diff)
downloadnixpkgs-92740dd4a81e0f2ef3c185e66809e3fca5132f0d.tar
nixpkgs-92740dd4a81e0f2ef3c185e66809e3fca5132f0d.tar.gz
nixpkgs-92740dd4a81e0f2ef3c185e66809e3fca5132f0d.tar.bz2
nixpkgs-92740dd4a81e0f2ef3c185e66809e3fca5132f0d.tar.lz
nixpkgs-92740dd4a81e0f2ef3c185e66809e3fca5132f0d.tar.xz
nixpkgs-92740dd4a81e0f2ef3c185e66809e3fca5132f0d.tar.zst
nixpkgs-92740dd4a81e0f2ef3c185e66809e3fca5132f0d.zip
nixos/upower: drop custom unit
All of these changes ++ are in the upstream unit
Also drop glib in path of unit as I don't believe
this should be needed anymore.
Diffstat
-rw-r--r--nixos/modules/services/hardware/upower.nix41
1 files changed, 5 insertions, 36 deletions
diff --git a/nixos/modules/services/hardware/upower.nix b/nixos/modules/services/hardware/upower.nix
index 96d88da6e8b..f6ce1101d54 100644
--- a/nixos/modules/services/hardware/upower.nix
+++ b/nixos/modules/services/hardware/upower.nix
@@ -5,8 +5,11 @@
 with lib;
 
 let
+
   cfg = config.services.upower;
+
 in
+
 {
 
   ###### interface
@@ -49,42 +52,8 @@ in
 
     services.udev.packages = [ cfg.package ];
 
-    systemd.services.upower =
-      { description = "Power Management Daemon";
-        path = [ pkgs.glib.out ]; # needed for gdbus
-        serviceConfig =
-          { Type = "dbus";
-            BusName = "org.freedesktop.UPower";
-            ExecStart = "@${cfg.package}/libexec/upowerd upowerd";
-            Restart = "on-failure";
-            # Upstream lockdown:
-            # Filesystem lockdown
-            ProtectSystem = "strict";
-            # Needed by keyboard backlight support
-            ProtectKernelTunables = false;
-            ProtectControlGroups = true;
-            ReadWritePaths = "/var/lib/upower";
-            ProtectHome = true;
-            PrivateTmp = true;
-
-            # Network
-            # PrivateNetwork=true would block udev's netlink socket
-            RestrictAddressFamilies = "AF_UNIX AF_NETLINK";
-
-            # Execute Mappings
-            MemoryDenyWriteExecute = true;
-
-            # Modules
-            ProtectKernelModules = true;
-
-            # Real-time
-            RestrictRealtime = true;
-
-            # Privilege escalation
-            NoNewPrivileges = true;
-          };
-      };
-  
+    systemd.packages = [ cfg.package ];
+
     # The upower daemon seems to get stuck after doing a suspend
     # (i.e. subsequent suspend requests will say "Sleep has already
     # been requested and is pending").  So as a workaround, restart
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 21:20:46 +0000