diff options
author | Robin Gloster <mail@glob.in> | 2017-03-23 13:32:10 +0100 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2017-03-23 15:57:30 +0100 |
commit | e82baf043e25abbb354c7ab4415a40a4155df398 (patch) | |
tree | 61c675d5320564a9b4439c87b1630b48f104ea69 /nixos/modules/security/wrappers | |
parent | 45f486f096bb3f3fe030571d2bcfd561f921b0cc (diff) | |
download | nixlib-e82baf043e25abbb354c7ab4415a40a4155df398.tar nixlib-e82baf043e25abbb354c7ab4415a40a4155df398.tar.gz nixlib-e82baf043e25abbb354c7ab4415a40a4155df398.tar.bz2 nixlib-e82baf043e25abbb354c7ab4415a40a4155df398.tar.lz nixlib-e82baf043e25abbb354c7ab4415a40a4155df398.tar.xz nixlib-e82baf043e25abbb354c7ab4415a40a4155df398.tar.zst nixlib-e82baf043e25abbb354c7ab4415a40a4155df398.zip |
security-wrapper: link old wrapper dir to new one
This makes setuid wrappers not fail after upgrading. references #23641, #22914, #19862, #16654
Diffstat (limited to 'nixos/modules/security/wrappers')
-rw-r--r-- | nixos/modules/security/wrappers/default.nix | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/nixos/modules/security/wrappers/default.nix b/nixos/modules/security/wrappers/default.nix index 65d875c3a375..c051b7d49e3f 100644 --- a/nixos/modules/security/wrappers/default.nix +++ b/nixos/modules/security/wrappers/default.nix @@ -179,21 +179,31 @@ in # Remove the old /var/setuid-wrappers path from the system... # - # TODO: this is only necessary for ugprades 16.09 => 17.x; + # TODO: this is only necessary for upgrades 16.09 => 17.x; # this conditional removal block needs to be removed after # the release. if [ -d /var/setuid-wrappers ]; then rm -rf /var/setuid-wrappers + ln -s /run/wrappers/bin /var/setuid-wrappers fi # Remove the old /run/setuid-wrappers-dir path from the # system as well... # - # TODO: this is only necessary for ugprades 16.09 => 17.x; + # TODO: this is only necessary for upgrades 16.09 => 17.x; # this conditional removal block needs to be removed after # the release. if [ -d /run/setuid-wrapper-dirs ]; then rm -rf /run/setuid-wrapper-dirs + ln -s /run/wrappers/bin /run/setuid-wrapper-dirs + fi + + # TODO: this is only necessary for upgrades 16.09 => 17.x; + # this conditional removal block needs to be removed after + # the release. + if readlink -f /run/booted-system | grep nixos-17 > /dev/null; then + rm -rf /run/setuid-wrapper-dirs + rm -rf /var/setuid-wrappers fi # We want to place the tmpdirs for the wrappers to the parent dir. |