summary refs log tree commit diff
path: root/nixos/modules/services/hardware/fwupd.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/services/hardware/fwupd.nix')
-rw-r--r--nixos/modules/services/hardware/fwupd.nix9
1 files changed, 8 insertions, 1 deletions
diff --git a/nixos/modules/services/hardware/fwupd.nix b/nixos/modules/services/hardware/fwupd.nix
index 7a938459d0c..7b6c336bd22 100644
--- a/nixos/modules/services/hardware/fwupd.nix
+++ b/nixos/modules/services/hardware/fwupd.nix
@@ -187,13 +187,20 @@ in {
       # fwupd-refresh expects a user that we do not create, so just run with DynamicUser
       # instead and ensure we take ownership of /var/lib/fwupd
       services.fwupd-refresh.serviceConfig = {
-        DynamicUser = true;
         StateDirectory = "fwupd";
+        # Better for debugging, upstream sets stderr to null for some reason..
+        StandardError = "inherit";
       };
 
       timers.fwupd-refresh.wantedBy = [ "timers.target" ];
     };
 
+    users.users.fwupd-refresh = {
+      isSystemUser = true;
+      group = "fwupd-refresh";
+    };
+    users.groups.fwupd-refresh = {};
+
     security.polkit.enable = true;
   };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-14 02:29:23 +0000