diff options
author | Robin Gloster <mail@glob.in> | 2017-03-23 13:29:08 +0100 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2017-03-23 15:57:23 +0100 |
commit | 45f486f096bb3f3fe030571d2bcfd561f921b0cc (patch) | |
tree | 31aa591bc7dfdf7824b4e7f988d6464762ddad9a /nixos/modules/security/wrappers | |
parent | f9add54f281391aca361230db96d15ec684b7a99 (diff) | |
download | nixpkgs-45f486f096bb3f3fe030571d2bcfd561f921b0cc.tar nixpkgs-45f486f096bb3f3fe030571d2bcfd561f921b0cc.tar.gz nixpkgs-45f486f096bb3f3fe030571d2bcfd561f921b0cc.tar.bz2 nixpkgs-45f486f096bb3f3fe030571d2bcfd561f921b0cc.tar.lz nixpkgs-45f486f096bb3f3fe030571d2bcfd561f921b0cc.tar.xz nixpkgs-45f486f096bb3f3fe030571d2bcfd561f921b0cc.tar.zst nixpkgs-45f486f096bb3f3fe030571d2bcfd561f921b0cc.zip |
Revert "security-wrapper: Don't remove the old paths yet as that can create migration pain"
This reverts commit 4c751ced376e0042ddd4f2aa8bd40754b9ea8926. This does not fix the issue as /run is now mounted with nosuid.
Diffstat (limited to 'nixos/modules/security/wrappers')
-rw-r--r-- | nixos/modules/security/wrappers/default.nix | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/nixos/modules/security/wrappers/default.nix b/nixos/modules/security/wrappers/default.nix index 0aca39fd6be..65d875c3a37 100644 --- a/nixos/modules/security/wrappers/default.nix +++ b/nixos/modules/security/wrappers/default.nix @@ -177,6 +177,25 @@ in # programs to be wrapped. WRAPPER_PATH=${config.system.path}/bin:${config.system.path}/sbin + # Remove the old /var/setuid-wrappers path from the system... + # + # TODO: this is only necessary for ugprades 16.09 => 17.x; + # this conditional removal block needs to be removed after + # the release. + if [ -d /var/setuid-wrappers ]; then + rm -rf /var/setuid-wrappers + fi + + # Remove the old /run/setuid-wrappers-dir path from the + # system as well... + # + # TODO: this is only necessary for ugprades 16.09 => 17.x; + # this conditional removal block needs to be removed after + # the release. + if [ -d /run/setuid-wrapper-dirs ]; then + rm -rf /run/setuid-wrapper-dirs + fi + # We want to place the tmpdirs for the wrappers to the parent dir. wrapperDir=$(mktemp --directory --tmpdir="${parentWrapperDir}" wrappers.XXXXXXXXXX) chmod a+rx $wrapperDir |