diff options
author | Izorkin <izorkin@elven.pw> | 2021-05-10 10:35:29 +0300 |
---|---|---|
committer | Izorkin <izorkin@elven.pw> | 2021-05-10 10:35:51 +0300 |
commit | 85914bc01d7ba185158c0a8f3694ee81ceaf2a1b (patch) | |
tree | 04fa7a70dcd6c35903c134f0890e977d9f2d5283 /nixos/modules/services/monitoring/netdata.nix | |
parent | 859633ee4351835c0180427d34d188b489c3ca65 (diff) | |
download | nixpkgs-85914bc01d7ba185158c0a8f3694ee81ceaf2a1b.tar nixpkgs-85914bc01d7ba185158c0a8f3694ee81ceaf2a1b.tar.gz nixpkgs-85914bc01d7ba185158c0a8f3694ee81ceaf2a1b.tar.bz2 nixpkgs-85914bc01d7ba185158c0a8f3694ee81ceaf2a1b.tar.lz nixpkgs-85914bc01d7ba185158c0a8f3694ee81ceaf2a1b.tar.xz nixpkgs-85914bc01d7ba185158c0a8f3694ee81ceaf2a1b.tar.zst nixpkgs-85914bc01d7ba185158c0a8f3694ee81ceaf2a1b.zip |
nixos/netdata: change wrappers permissions
Diffstat (limited to 'nixos/modules/services/monitoring/netdata.nix')
-rw-r--r-- | nixos/modules/services/monitoring/netdata.nix | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/nixos/modules/services/monitoring/netdata.nix b/nixos/modules/services/monitoring/netdata.nix index 2028e3875f9..561ce3eec62 100644 --- a/nixos/modules/services/monitoring/netdata.nix +++ b/nixos/modules/services/monitoring/netdata.nix @@ -216,7 +216,7 @@ in { capabilities = "cap_dac_read_search,cap_sys_ptrace+ep"; owner = cfg.user; group = cfg.group; - permissions = "u+rx,g+rx,o-rwx"; + permissions = "u+rx,g+x,o-rwx"; }; security.wrappers."cgroup-network" = { @@ -224,7 +224,7 @@ in { capabilities = "cap_setuid+ep"; owner = cfg.user; group = cfg.group; - permissions = "u+rx,g+rx,o-rwx"; + permissions = "u+rx,g+x,o-rwx"; }; security.wrappers."freeipmi.plugin" = { @@ -232,7 +232,7 @@ in { capabilities = "cap_dac_override,cap_fowner+ep"; owner = cfg.user; group = cfg.group; - permissions = "u+rx,g+rx,o-rwx"; + permissions = "u+rx,g+x,o-rwx"; }; security.wrappers."perf.plugin" = { @@ -240,7 +240,7 @@ in { capabilities = "cap_sys_admin+ep"; owner = cfg.user; group = cfg.group; - permissions = "u+rx,g+rx,o-rx"; + permissions = "u+rx,g+x,o-rwx"; }; security.wrappers."slabinfo.plugin" = { @@ -248,7 +248,7 @@ in { capabilities = "cap_dac_override+ep"; owner = cfg.user; group = cfg.group; - permissions = "u+rx,g+rx,o-rx"; + permissions = "u+rx,g+x,o-rwx"; }; security.pam.loginLimits = [ |