diff options
| author | Peter Hoeg <peter@hoeg.com> | 2019-08-02 11:58:27 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-08-02 11:58:27 +0800 |
| commit | f2639566b59152b6273cda3df3c329c1db4f3933 (patch) | |
| tree | 8a36bc3008ea62a84114e858d50a6956c8539933 /nixos/modules/programs | |
| parent | 43ac110d3b7aea8592437489f4e881f6cfcb7187 (diff) | |
| parent | 0f04bbdc31f75031602d384adedb7292c720e44d (diff) | |
| download | nixlib-f2639566b59152b6273cda3df3c329c1db4f3933.tar nixlib-f2639566b59152b6273cda3df3c329c1db4f3933.tar.gz nixlib-f2639566b59152b6273cda3df3c329c1db4f3933.tar.bz2 nixlib-f2639566b59152b6273cda3df3c329c1db4f3933.tar.lz nixlib-f2639566b59152b6273cda3df3c329c1db4f3933.tar.xz nixlib-f2639566b59152b6273cda3df3c329c1db4f3933.tar.zst nixlib-f2639566b59152b6273cda3df3c329c1db4f3933.zip | |
Merge pull request #30712 from peterhoeg/f/service
systemd user services shouldn't run as root and other "non-interactive" users
Diffstat (limited to 'nixos/modules/programs')
| -rw-r--r-- | nixos/modules/programs/ssh.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index 18b183eca9e2..733b8f7636fd 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -235,6 +235,7 @@ in systemd.user.services.ssh-agent = mkIf cfg.startAgent { description = "SSH Agent"; wantedBy = [ "default.target" ]; + unitConfig.ConditionUser = "!@system"; serviceConfig = { ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent"; ExecStart = |