diff options
Diffstat (limited to 'nixos/modules/services/networking/dhcpd.nix')
| -rw-r--r-- | nixos/modules/services/networking/dhcpd.nix | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/dhcpd.nix b/nixos/modules/services/networking/dhcpd.nix index d796dcf70326..0c6783760de1 100644 --- a/nixos/modules/services/networking/dhcpd.nix +++ b/nixos/modules/services/networking/dhcpd.nix @@ -66,6 +66,24 @@ in "; }; + user = mkOption { + default = "nobody"; + type = types.nullOr types.str; + description = '' + The user to drop privileges to after the daemon has started. + A value of null disables the user privilege change. + ''; + }; + + group = mkOption { + default = "nogroup"; + type = types.nullOr types.str; + description = '' + The group to drop privileges to after the daemon has started. + A value of null disables the group privilege change. + ''; + }; + configFile = mkOption { default = null; description = " @@ -120,8 +138,10 @@ in touch ${stateDir}/dhcpd.leases - exec ${pkgs.dhcp}/sbin/dhcpd -f -cf ${configFile} \ + exec ${pkgs.dhcp}/sbin/dhcpd -f --no-pid -cf ${configFile} \ -lf ${stateDir}/dhcpd.leases \ + ${optionalString (cfg.user != null) "-user ${cfg.user}"} \ + ${optionalString (cfg.group != null) "-group ${cfg.group}"} \ ${toString cfg.interfaces} ''; }; |