diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-12-11 21:14:17 +0100 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-12-11 21:16:58 +0100 |
commit | 14018c2de1a1b4244fda239ee318f0b5d81dea57 (patch) | |
tree | 729033bc4f9af4bdf9d58046c553cf58c91b6b7f /nixos/modules/services/security/fail2ban.nix | |
parent | ee8a58a72f8c39096e2dc19bb8ddba673616b7c6 (diff) | |
download | nixlib-14018c2de1a1b4244fda239ee318f0b5d81dea57.tar nixlib-14018c2de1a1b4244fda239ee318f0b5d81dea57.tar.gz nixlib-14018c2de1a1b4244fda239ee318f0b5d81dea57.tar.bz2 nixlib-14018c2de1a1b4244fda239ee318f0b5d81dea57.tar.lz nixlib-14018c2de1a1b4244fda239ee318f0b5d81dea57.tar.xz nixlib-14018c2de1a1b4244fda239ee318f0b5d81dea57.tar.zst nixlib-14018c2de1a1b4244fda239ee318f0b5d81dea57.zip |
fail2ban: Fix preStart action
Creating /run/fail2ban didn't work since it didn't have write permission to /run. Now it does. Reported by Thomas Bereknyei.
Diffstat (limited to 'nixos/modules/services/security/fail2ban.nix')
-rw-r--r-- | nixos/modules/services/security/fail2ban.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/security/fail2ban.nix b/nixos/modules/services/security/fail2ban.nix index 395a5df8af07..ae1fd22d23ee 100644 --- a/nixos/modules/services/security/fail2ban.nix +++ b/nixos/modules/services/security/fail2ban.nix @@ -106,7 +106,7 @@ in serviceConfig = { ExecStart = "${pkgs.fail2ban}/bin/fail2ban-server -f"; ReadOnlyDirectories = "/"; - ReadWriteDirectories = "/run/fail2ban /var/tmp"; + ReadWriteDirectories = "/run /var/tmp"; CapabilityBoundingSet = "CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW"; }; |