From 9b9ba8405bc9ba6965f82f7806b22c31f3514898 Mon Sep 17 00:00:00 2001 From: Nadrieril Date: Thu, 30 Aug 2018 21:50:43 +0100 Subject: nixos/usbguard: ensure the audit log file can be created Since version 0.7.3, usbguard-daemon won't start if the file cannot be opened. --- nixos/modules/services/security/usbguard.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'nixos/modules/services/security/usbguard.nix') diff --git a/nixos/modules/services/security/usbguard.nix b/nixos/modules/services/security/usbguard.nix index 48950fe4c22..88d2f69db57 100644 --- a/nixos/modules/services/security/usbguard.nix +++ b/nixos/modules/services/security/usbguard.nix @@ -188,7 +188,10 @@ in { wants = [ "systemd-udevd.service" "local-fs.target" ]; # make sure an empty rule file and required directories exist - preStart = ''mkdir -p $(dirname "${cfg.ruleFile}") "${cfg.IPCAccessControlFiles}" && ([ -f "${cfg.ruleFile}" ] || touch ${cfg.ruleFile})''; + preStart = '' + mkdir -p $(dirname "${cfg.ruleFile}") $(dirname "${cfg.auditFilePath}") "${cfg.IPCAccessControlFiles}" \ + && ([ -f "${cfg.ruleFile}" ] || touch ${cfg.ruleFile}) + ''; serviceConfig = { Type = "simple"; -- cgit 1.4.1