about summary refs log tree commit diff
path: root/nixos/modules/security/wrappers
diff options
context:
space:
mode:
authorRobin Gloster <mail@glob.in>2017-02-17 15:41:31 +0100
committerRobin Gloster <mail@glob.in>2017-02-17 15:42:54 +0100
commit070825d443a384e8cf2928bab0367d430aaeca75 (patch)
treeee254f99ccad9d40798de5f7cf94af1934b4c9be /nixos/modules/security/wrappers
parent47ded42788caf8c8ec939de387341b9c113943e6 (diff)
downloadnixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar
nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.gz
nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.bz2
nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.lz
nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.xz
nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.zst
nixlib-070825d443a384e8cf2928bab0367d430aaeca75.zip
setcapWrapper: add support for setting permissions
Diffstat (limited to 'nixos/modules/security/wrappers')
-rw-r--r--nixos/modules/security/wrappers/default.nix3


1 files changed, 2 insertions, 1 deletions
diff --git a/nixos/modules/security/wrappers/default.nix b/nixos/modules/security/wrappers/default.nix
index 861ce225257d..52f251876605 100644
--- a/nixos/modules/security/wrappers/default.nix
+++ b/nixos/modules/security/wrappers/default.nix
@@ -28,6 +28,7 @@ let
     , source
     , owner  ? "nobody"
     , group  ? "nogroup"
+    , permissions ? "u+rx,g+x,o+x"
     , ...
     }:
     assert (lib.versionAtLeast (lib.getVersion config.boot.kernelPackages.kernel) "4.3");
@@ -45,7 +46,7 @@ let
       ${pkgs.libcap.out}/bin/setcap "cap_setpcap,${capabilities}" $wrapperDir/${program}
 
       # Set the executable bit
-      chmod u+rx,g+x,o+x $wrapperDir/${program}
+      chmod ${permissions} $wrapperDir/${program}
     '';
 
   ###### Activation script for the setuid wrappers

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-02 20:34:27 +0000