diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2018-12-08 21:48:00 +0100 |
---|---|---|
committer | Maximilian Bosch <maximilian@mbosch.me> | 2018-12-18 00:00:42 +0100 |
commit | 7490e96e38f6db4327554551c705e0a4856c5917 (patch) | |
tree | c43d9e4ad17216754c839c76b9e881e7237bc63a /nixos/modules/programs/iotop.nix | |
parent | bb962eb2a2d039cb2430d0ffda51ae6a4b5467f2 (diff) | |
download | nixpkgs-7490e96e38f6db4327554551c705e0a4856c5917.tar nixpkgs-7490e96e38f6db4327554551c705e0a4856c5917.tar.gz nixpkgs-7490e96e38f6db4327554551c705e0a4856c5917.tar.bz2 nixpkgs-7490e96e38f6db4327554551c705e0a4856c5917.tar.lz nixpkgs-7490e96e38f6db4327554551c705e0a4856c5917.tar.xz nixpkgs-7490e96e38f6db4327554551c705e0a4856c5917.tar.zst nixpkgs-7490e96e38f6db4327554551c705e0a4856c5917.zip |
nixos/iotop: add module
The `iotop` program can't be started by an unprivileged user because of missing root privileges. The issue can be fixed by creating a setcap wrapper for `iotop` which contains `cap_net_admin`.
Diffstat (limited to 'nixos/modules/programs/iotop.nix')
-rw-r--r-- | nixos/modules/programs/iotop.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/nixos/modules/programs/iotop.nix b/nixos/modules/programs/iotop.nix new file mode 100644 index 00000000000..986d562ad0f --- /dev/null +++ b/nixos/modules/programs/iotop.nix @@ -0,0 +1,18 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.programs.iotop; +in { + options = { + programs.iotop.enable = mkEnableOption "iotop + setcap wrapper"; + }; + config = mkIf cfg.enable { + environment.systemPackages = [ pkgs.iotop ]; + security.wrappers.iotop = { + source = "${pkgs.iotop}/bin/iotop"; + capabilities = "cap_net_admin+p"; + }; + }; +} |