diff options
Diffstat (limited to 'nixpkgs/nixos/modules/programs/ecryptfs.nix')
-rw-r--r-- | nixpkgs/nixos/modules/programs/ecryptfs.nix | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/programs/ecryptfs.nix b/nixpkgs/nixos/modules/programs/ecryptfs.nix new file mode 100644 index 000000000000..63c1a3ad4419 --- /dev/null +++ b/nixpkgs/nixos/modules/programs/ecryptfs.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.programs.ecryptfs; + +in { + options.programs.ecryptfs = { + enable = mkEnableOption (lib.mdDoc "ecryptfs setuid mount wrappers"); + }; + + config = mkIf cfg.enable { + security.wrappers = { + + "mount.ecryptfs_private" = { + setuid = true; + owner = "root"; + group = "root"; + source = "${lib.getBin pkgs.ecryptfs}/bin/mount.ecryptfs_private"; + }; + "umount.ecryptfs_private" = { + setuid = true; + owner = "root"; + group = "root"; + source = "${lib.getBin pkgs.ecryptfs}/bin/umount.ecryptfs_private"; + }; + + }; + }; +} |