diff options
author | rnhmjoj <rnhmjoj@inventati.org> | 2021-09-19 11:53:36 +0200 |
---|---|---|
committer | rnhmjoj <rnhmjoj@inventati.org> | 2021-09-19 11:53:41 +0200 |
commit | 64f5d681d95ba708afef378f86c5112798cc9039 (patch) | |
tree | 00f86653a218c9bafa3884c0c9e69d7fe9cb5df6 /nixos/modules/services/security | |
parent | 5aef5e8d1ed1d75eb3aed18133be26404d0ed433 (diff) | |
download | nixpkgs-64f5d681d95ba708afef378f86c5112798cc9039.tar nixpkgs-64f5d681d95ba708afef378f86c5112798cc9039.tar.gz nixpkgs-64f5d681d95ba708afef378f86c5112798cc9039.tar.bz2 nixpkgs-64f5d681d95ba708afef378f86c5112798cc9039.tar.lz nixpkgs-64f5d681d95ba708afef378f86c5112798cc9039.tar.xz nixpkgs-64f5d681d95ba708afef378f86c5112798cc9039.tar.zst nixpkgs-64f5d681d95ba708afef378f86c5112798cc9039.zip |
nixos/physlock: fix broken wrapper
- `user` doesn't exist -> `owner` - set `setuid,group` as well (no longer optional)
Diffstat (limited to 'nixos/modules/services/security')
-rw-r--r-- | nixos/modules/services/security/physlock.nix | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/nixos/modules/services/security/physlock.nix b/nixos/modules/services/security/physlock.nix index da5c22a90a0..760e80f147f 100644 --- a/nixos/modules/services/security/physlock.nix +++ b/nixos/modules/services/security/physlock.nix @@ -38,9 +38,6 @@ in setuid wrapper to allow any user to start physlock as root, which is a minor security risk. Call the physlock binary to use this instead of using the systemd service. - - Note that you might need to relog to have the correct binary in your - PATH upon changing this option. ''; }; @@ -129,7 +126,12 @@ in (mkIf cfg.allowAnyUser { - security.wrappers.physlock = { source = "${pkgs.physlock}/bin/physlock"; user = "root"; }; + security.wrappers.physlock = + { setuid = true; + owner = "root"; + group = "root"; + source = "${pkgs.physlock}/bin/physlock"; + }; }) ]); |