diff options
author | Robin Gloster <mail@glob.in> | 2017-02-17 15:41:31 +0100 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2017-02-17 15:42:54 +0100 |
commit | 070825d443a384e8cf2928bab0367d430aaeca75 (patch) | |
tree | ee254f99ccad9d40798de5f7cf94af1934b4c9be /nixos/modules | |
parent | 47ded42788caf8c8ec939de387341b9c113943e6 (diff) | |
download | nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.gz nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.bz2 nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.lz nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.xz nixlib-070825d443a384e8cf2928bab0367d430aaeca75.tar.zst nixlib-070825d443a384e8cf2928bab0367d430aaeca75.zip |
setcapWrapper: add support for setting permissions
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/security/wrappers/default.nix | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/nixos/modules/security/wrappers/default.nix b/nixos/modules/security/wrappers/default.nix index 861ce225257d..52f251876605 100644 --- a/nixos/modules/security/wrappers/default.nix +++ b/nixos/modules/security/wrappers/default.nix @@ -28,6 +28,7 @@ let , source , owner ? "nobody" , group ? "nogroup" + , permissions ? "u+rx,g+x,o+x" , ... }: assert (lib.versionAtLeast (lib.getVersion config.boot.kernelPackages.kernel) "4.3"); @@ -45,7 +46,7 @@ let ${pkgs.libcap.out}/bin/setcap "cap_setpcap,${capabilities}" $wrapperDir/${program} # Set the executable bit - chmod u+rx,g+x,o+x $wrapperDir/${program} + chmod ${permissions} $wrapperDir/${program} ''; ###### Activation script for the setuid wrappers |