diff options
| author | Domen Kožar <domen@dev.si> | 2016-09-07 10:41:56 +0200 |
|---|---|---|
| committer | Domen Kožar <domen@dev.si> | 2016-09-07 10:49:27 +0200 |
| commit | 8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd (patch) | |
| tree | ea3d673260bca11ca5937bed4e11311f0052da88 /nixos/modules/system/activation | |
| parent | 3877ec5b2ff7436f4962ac0fe3200833cf78cb8b (diff) | |
| download | nixlib-8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd.tar nixlib-8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd.tar.gz nixlib-8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd.tar.bz2 nixlib-8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd.tar.lz nixlib-8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd.tar.xz nixlib-8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd.tar.zst nixlib-8f95e6f6aa8ac62e809a5d1cba6af2b6707d90dd.zip | |
hardcode e2fsprogs, idempotent chmod, remove care condition
Diffstat (limited to 'nixos/modules/system/activation')
| -rw-r--r-- | nixos/modules/system/activation/activation-script.nix | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/nixos/modules/system/activation/activation-script.nix b/nixos/modules/system/activation/activation-script.nix index 47550ae76a66..60298362d767 100644 --- a/nixos/modules/system/activation/activation-script.nix +++ b/nixos/modules/system/activation/activation-script.nix @@ -19,7 +19,6 @@ let glibc # needed for getent shadow nettools # needed for hostname - e2fsprogs # needed for chattr ]; in @@ -140,13 +139,13 @@ in mkdir -m 1777 -p /var/tmp + # Empty, immutable home directory of many system accounts. + mkdir -p /var/empty # Make sure it's really empty - chattr -i /var/empty - rm -rf /var/empty - - # Empty, read-only home directory of many system accounts. - mkdir -m 0555 -p /var/empty - chattr +i /var/empty + ${pkgs.e2fsprogs}/bin/chattr -i /var/empty + find /var/empty -mindepth 1 -delete + chmod 0555 /var/empty + ${pkgs.e2fsprogs}/bin/chattr +i /var/empty ''; system.activationScripts.usrbinenv = if config.environment.usrbinenv != null |