diff options
| author | Artturin <Artturin@artturin.com> | 2021-07-22 07:39:18 +0300 |
|---|---|---|
| committer | Artturin <Artturin@artturin.com> | 2021-07-31 01:05:44 +0300 |
| commit | bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df (patch) | |
| tree | 9d9fc631551625e525ee5bbaadaf116fea04b4c9 /nixos | |
| parent | ecc968543c6d2911303f32ad92b354661a0663d9 (diff) | |
| download | nixpkgs-bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df.tar nixpkgs-bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df.tar.gz nixpkgs-bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df.tar.bz2 nixpkgs-bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df.tar.lz nixpkgs-bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df.tar.xz nixpkgs-bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df.tar.zst nixpkgs-bd8eeec9c0e8993c82ad8441867a5ea3fd0a87df.zip | |
{uptimed,nixos/uptimed}: switch to /var/lib/ and fix perms
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2111.section.xml | 8 | ||||
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2111.section.md | 2 | ||||
| -rw-r--r-- | nixos/modules/services/system/uptimed.nix | 10 |
3 files changed, 17 insertions, 3 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml index de2cd7bef6d..edc6b5c50d0 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml @@ -596,6 +596,14 @@ </listitem> </itemizedlist> </listitem> + <listitem> + <para> + <literal>services.uptimed</literal> now uses + <literal>/var/lib/uptimed</literal> as its stateDirectory + instead of <literal>/var/spool/uptimed</literal>. Make sure to + move all files to the new directory. + </para> + </listitem> </itemizedlist> </section> <section xml:id="sec-release-21.11-notable-changes"> diff --git a/nixos/doc/manual/release-notes/rl-2111.section.md b/nixos/doc/manual/release-notes/rl-2111.section.md index 1ce78a4d774..d49d6af26a5 100644 --- a/nixos/doc/manual/release-notes/rl-2111.section.md +++ b/nixos/doc/manual/release-notes/rl-2111.section.md @@ -151,6 +151,8 @@ pt-services.clipcat.enable). - `CoenraadS.bracket-pair-colorizer` -> `coenraads.bracket-pair-colorizer` - `golang.Go` -> `golang.go` +- `services.uptimed` now uses `/var/lib/uptimed` as its stateDirectory instead of `/var/spool/uptimed`. Make sure to move all files to the new directory. + ## Other Notable Changes {#sec-release-21.11-notable-changes} - The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets. diff --git a/nixos/modules/services/system/uptimed.nix b/nixos/modules/services/system/uptimed.nix index 1e256c51408..67a03876e19 100644 --- a/nixos/modules/services/system/uptimed.nix +++ b/nixos/modules/services/system/uptimed.nix @@ -4,7 +4,7 @@ with lib; let cfg = config.services.uptimed; - stateDir = "/var/spool/uptimed"; + stateDir = "/var/lib/uptimed"; in { options = { @@ -21,12 +21,16 @@ in }; config = mkIf cfg.enable { + + environment.systemPackages = [ pkgs.uptimed ]; + users.users.uptimed = { description = "Uptimed daemon user"; home = stateDir; - createHome = true; uid = config.ids.uids.uptimed; + group = "uptimed"; }; + users.groups.uptimed = {}; systemd.services.uptimed = { unitConfig.Documentation = "man:uptimed(8) man:uprecords(1)"; @@ -41,7 +45,7 @@ in PrivateTmp = "yes"; PrivateNetwork = "yes"; NoNewPrivileges = "yes"; - ReadWriteDirectories = stateDir; + StateDirectory = [ "uptimed" ]; InaccessibleDirectories = "/home"; ExecStart = "${pkgs.uptimed}/sbin/uptimed -f -p ${stateDir}/pid"; }; |