From 12b6c4d4de17d1b8b37a74319f48c964166a6670 Mon Sep 17 00:00:00 2001
From: Emery Hemingway <emery@vfemail.net>
Date: Fri, 26 May 2017 11:27:15 -0500
Subject: u9fs service: grant capabilities for running as nobody

---
 nixos/modules/services/network-filesystems/u9fs.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'nixos')

diff --git a/nixos/modules/services/network-filesystems/u9fs.nix b/nixos/modules/services/network-filesystems/u9fs.nix
index 8bc37f0f62c3..4f37fc2a9e5c 100644
--- a/nixos/modules/services/network-filesystems/u9fs.nix
+++ b/nixos/modules/services/network-filesystems/u9fs.nix
@@ -67,6 +67,7 @@ in
             StandardInput = "socket";
             StandardError = "journal";
             User = cfg.user;
+            AmbientCapabilities = "cap_setuid cap_setgid";
           };
       };
     };
-- 
cgit 1.4.1