diff options
author | Jan Malakhovski <oxij@oxij.org> | 2018-01-06 12:57:35 +0000 |
---|---|---|
committer | Jan Malakhovski <oxij@oxij.org> | 2018-03-30 06:56:38 +0000 |
commit | 44b8202cabf52eaa48b7e99923a5e9f9b8e9118f (patch) | |
tree | 0f11f4b58628424df159b3ccd06c8290bd1feaeb /nixos/modules/services/networking/tcpcrypt.nix | |
parent | 02da27de52933e0442c59f3f71b7eb9cad0508da (diff) | |
download | nixlib-44b8202cabf52eaa48b7e99923a5e9f9b8e9118f.tar nixlib-44b8202cabf52eaa48b7e99923a5e9f9b8e9118f.tar.gz nixlib-44b8202cabf52eaa48b7e99923a5e9f9b8e9118f.tar.bz2 nixlib-44b8202cabf52eaa48b7e99923a5e9f9b8e9118f.tar.lz nixlib-44b8202cabf52eaa48b7e99923a5e9f9b8e9118f.tar.xz nixlib-44b8202cabf52eaa48b7e99923a5e9f9b8e9118f.tar.zst nixlib-44b8202cabf52eaa48b7e99923a5e9f9b8e9118f.zip |
nixos: tcpcrypt: /var/run -> /run, don't drop files out of rundir
Diffstat (limited to 'nixos/modules/services/networking/tcpcrypt.nix')
-rw-r--r-- | nixos/modules/services/networking/tcpcrypt.nix | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/nixos/modules/services/networking/tcpcrypt.nix b/nixos/modules/services/networking/tcpcrypt.nix index 2f304165eb4b..ee005e11aa32 100644 --- a/nixos/modules/services/networking/tcpcrypt.nix +++ b/nixos/modules/services/networking/tcpcrypt.nix @@ -44,9 +44,9 @@ in path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ]; preStart = '' - mkdir -p /var/run/tcpcryptd - chown tcpcryptd /var/run/tcpcryptd - sysctl -n net.ipv4.tcp_ecn >/run/pre-tcpcrypt-ecn-state + mkdir -p /run/tcpcryptd + chown tcpcryptd /run/tcpcryptd + sysctl -n net.ipv4.tcp_ecn > /run/tcpcryptd/pre-tcpcrypt-ecn-state sysctl -w net.ipv4.tcp_ecn=0 iptables -t raw -N nixos-tcpcrypt @@ -61,8 +61,8 @@ in script = "tcpcryptd -x 0x10"; postStop = '' - if [ -f /run/pre-tcpcrypt-ecn-state ]; then - sysctl -w net.ipv4.tcp_ecn=$(cat /run/pre-tcpcrypt-ecn-state) + if [ -f /run/tcpcryptd/pre-tcpcrypt-ecn-state ]; then + sysctl -w net.ipv4.tcp_ecn=$(cat /run/tcpcryptd/pre-tcpcrypt-ecn-state) fi iptables -t mangle -D POSTROUTING -j nixos-tcpcrypt || true |