diff options
| author | rnhmjoj <rnhmjoj@inventati.org> | 2018-01-05 02:33:11 +0100 |
|---|---|---|
| committer | rnhmjoj <rnhmjoj@inventati.org> | 2018-01-05 02:37:09 +0100 |
| commit | c883311327f1c842faffc437f344b46a82030b59 (patch) | |
| tree | 1533014f626575959bcf88077ad09453c2ceed5b /nixos/modules/services/networking/dnscrypt-wrapper.nix | |
| parent | c01cfb9e01c6925034119e7e027720e306e9043b (diff) | |
| download | nixpkgs-c883311327f1c842faffc437f344b46a82030b59.tar nixpkgs-c883311327f1c842faffc437f344b46a82030b59.tar.gz nixpkgs-c883311327f1c842faffc437f344b46a82030b59.tar.bz2 nixpkgs-c883311327f1c842faffc437f344b46a82030b59.tar.lz nixpkgs-c883311327f1c842faffc437f344b46a82030b59.tar.xz nixpkgs-c883311327f1c842faffc437f344b46a82030b59.tar.zst nixpkgs-c883311327f1c842faffc437f344b46a82030b59.zip | |
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
Diffstat (limited to 'nixos/modules/services/networking/dnscrypt-wrapper.nix')
| -rw-r--r-- | nixos/modules/services/networking/dnscrypt-wrapper.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/dnscrypt-wrapper.nix b/nixos/modules/services/networking/dnscrypt-wrapper.nix index 23cc92946e4..bf13d5c6f5f 100644 --- a/nixos/modules/services/networking/dnscrypt-wrapper.nix +++ b/nixos/modules/services/networking/dnscrypt-wrapper.nix @@ -145,6 +145,16 @@ in { }; users.groups.dnscrypt-wrapper = { }; + security.polkit.extraConfig = '' + // Allow dnscrypt-wrapper user to restart dnscrypt-wrapper.service + polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.systemd1.manage-units" && + action.lookup("unit") == "dnscrypt-wrapper.service" && + subject.user == "dnscrypt-wrapper") { + return polkit.Result.YES; + } + }); + ''; systemd.services.dnscrypt-wrapper = { description = "dnscrypt-wrapper daemon"; |