diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/backup/syncoid.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/backup/syncoid.nix | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/nixpkgs/nixos/modules/services/backup/syncoid.nix b/nixpkgs/nixos/modules/services/backup/syncoid.nix index e72e3fa59cf9..b764db1f14e4 100644 --- a/nixpkgs/nixos/modules/services/backup/syncoid.nix +++ b/nixpkgs/nixos/modules/services/backup/syncoid.nix @@ -197,14 +197,14 @@ in { ])) (attrValues cfg.commands); after = [ "zfs.target" ]; serviceConfig = { - ExecStartPre = (map (pool: lib.escapeShellArgs [ - "+/run/booted-system/sw/bin/zfs" "allow" - cfg.user "hold,send" pool - ]) (getPools "source")) ++ - (map (pool: lib.escapeShellArgs [ - "+/run/booted-system/sw/bin/zfs" "allow" - cfg.user "create,mount,receive,rollback" pool - ]) (getPools "target")); + ExecStartPre = let + allowCmd = permissions: pool: lib.escapeShellArgs [ + "+/run/booted-system/sw/bin/zfs" "allow" + cfg.user (concatStringsSep "," permissions) pool + ]; + in + (map (allowCmd [ "hold" "send" "snapshot" "destroy" ]) (getPools "source")) ++ + (map (allowCmd [ "create" "mount" "receive" "rollback" ]) (getPools "target")); User = cfg.user; Group = cfg.group; }; |