diff options
| author | Benjamin Saunders <ben.e.saunders@gmail.com> | 2023-12-02 12:03:58 -0800 |
|---|---|---|
| committer | Benjamin Saunders <ben.e.saunders@gmail.com> | 2023-12-02 12:03:58 -0800 |
| commit | dffba14043168d767a12ff86c39464b8503d3d29 (patch) | |
| tree | d3facff86676a066f79b49586e26de46465e67a4 /nixos | |
| parent | ab3ea20adfe05a2328b4991612912ef7db67af83 (diff) | |
| download | nixlib-dffba14043168d767a12ff86c39464b8503d3d29.tar nixlib-dffba14043168d767a12ff86c39464b8503d3d29.tar.gz nixlib-dffba14043168d767a12ff86c39464b8503d3d29.tar.bz2 nixlib-dffba14043168d767a12ff86c39464b8503d3d29.tar.lz nixlib-dffba14043168d767a12ff86c39464b8503d3d29.tar.xz nixlib-dffba14043168d767a12ff86c39464b8503d3d29.tar.zst nixlib-dffba14043168d767a12ff86c39464b8503d3d29.zip | |
nixos/matrix-appservice-irc: fix syscall filter
The pre-start script requires @chown; the service fails without it.
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/matrix/appservice-irc.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/matrix/appservice-irc.nix b/nixos/modules/services/matrix/appservice-irc.nix index d153ffc2ace8..c79cd799b4d0 100644 --- a/nixos/modules/services/matrix/appservice-irc.nix +++ b/nixos/modules/services/matrix/appservice-irc.nix @@ -214,7 +214,7 @@ in { RestrictRealtime = true; PrivateMounts = true; SystemCallFilter = [ - "@system-service @pkey" + "@system-service @pkey @chown" "~@privileged @resources" ]; SystemCallArchitectures = "native"; |