diff options
| author | Florian Klink <flokli@flokli.de> | 2020-09-10 21:17:17 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-10 21:17:17 +0200 |
| commit | 303078d9ca62cf34a746a4f7d220063847856ee0 (patch) | |
| tree | 6ea42883b4f8a20f3bb8b695465398a7b29f9dfc /nixos/modules/security | |
| parent | 34f475f5eae13d18b4e4b8a17aa7a772d8619b0b (diff) | |
| parent | fd196452f03f77aea5f2cd5babda21534e3c7f2d (diff) | |
| download | nixpkgs-303078d9ca62cf34a746a4f7d220063847856ee0.tar nixpkgs-303078d9ca62cf34a746a4f7d220063847856ee0.tar.gz nixpkgs-303078d9ca62cf34a746a4f7d220063847856ee0.tar.bz2 nixpkgs-303078d9ca62cf34a746a4f7d220063847856ee0.tar.lz nixpkgs-303078d9ca62cf34a746a4f7d220063847856ee0.tar.xz nixpkgs-303078d9ca62cf34a746a4f7d220063847856ee0.tar.zst nixpkgs-303078d9ca62cf34a746a4f7d220063847856ee0.zip | |
Merge pull request #97303 from martinetd/systemd-confinement-list
systemd-confinement: handle ExecStarts etc being lists
Diffstat (limited to 'nixos/modules/security')
| -rw-r--r-- | nixos/modules/security/systemd-confinement.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/security/systemd-confinement.nix b/nixos/modules/security/systemd-confinement.nix index 0a400f1d535..2927d424a8a 100644 --- a/nixos/modules/security/systemd-confinement.nix +++ b/nixos/modules/security/systemd-confinement.nix @@ -135,7 +135,7 @@ in { ]; execPkgs = lib.concatMap (opt: let isSet = config.serviceConfig ? ${opt}; - in lib.optional isSet config.serviceConfig.${opt}) execOpts; + in lib.flatten (lib.optional isSet config.serviceConfig.${opt})) execOpts; unitAttrs = toplevelConfig.systemd.units."${name}.service"; allPkgs = lib.singleton (builtins.toJSON unitAttrs); unitPkgs = if fullUnit then allPkgs else execPkgs; |