diff options
author | Parnell Springmeyer <parnell@digitalmentat.com> | 2017-02-14 08:40:12 -0600 |
---|---|---|
committer | Parnell Springmeyer <parnell@digitalmentat.com> | 2017-02-14 08:40:12 -0600 |
commit | e856d6efe812f24034aa8077fb538af0e8f8462d (patch) | |
tree | 7d23652fa07d08dfb3c33af7f753a08c71a01181 /nixos/modules/security | |
parent | c01689f8dab3387eb004192ce078659e9a4f334c (diff) | |
download | nixlib-e856d6efe812f24034aa8077fb538af0e8f8462d.tar nixlib-e856d6efe812f24034aa8077fb538af0e8f8462d.tar.gz nixlib-e856d6efe812f24034aa8077fb538af0e8f8462d.tar.bz2 nixlib-e856d6efe812f24034aa8077fb538af0e8f8462d.tar.lz nixlib-e856d6efe812f24034aa8077fb538af0e8f8462d.tar.xz nixlib-e856d6efe812f24034aa8077fb538af0e8f8462d.tar.zst nixlib-e856d6efe812f24034aa8077fb538af0e8f8462d.zip |
Default should be to set owner and group to root on setcap wrappers too
Diffstat (limited to 'nixos/modules/security')
-rw-r--r-- | nixos/modules/security/wrappers/default.nix | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/nixos/modules/security/wrappers/default.nix b/nixos/modules/security/wrappers/default.nix index 144053a4ea3b..2ed8a601a035 100644 --- a/nixos/modules/security/wrappers/default.nix +++ b/nixos/modules/security/wrappers/default.nix @@ -73,7 +73,10 @@ let mkWrappedPrograms = builtins.map (s: if (s ? "capabilities") - then mkSetcapProgram s + then mkSetcapProgram + ({ owner = "root"; + , group = "root"; + } // s) else if (s ? "setuid" && s.setuid == true) || (s ? "setguid" && s.setguid == true) || |