diff options
author | tv <tv@krebsco.de> | 2023-12-06 22:30:12 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2023-12-06 22:30:12 +0100 |
commit | adcb10a4e3afe98bff36307dbff8601cdbe61af6 (patch) | |
tree | da3599ce093a5465ee278a27ab0a891e48e73df9 | |
parent | 31f86bf81903ac8d627de26fe9d73e3b2461a748 (diff) |
setuid: properly adapt module to work with 23.11
-rw-r--r-- | krebs/3modules/setuid.nix | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index fdb96c8ba..e3108d88e 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -80,13 +80,25 @@ let }; imp = { - system.activationScripts."krebs.setuid" = stringAfter [ "usrbinenv" ] - (concatMapStringsSep "\n" - (cfg: /* sh */ '' - ${cfg.activate} - rm -f ${cfg.wrapperDir}/${cfg.name}.real - '') - (attrValues config.krebs.setuid)); + systemd.services."krebs.setuid" = { + wantedBy = [ "suid-sgid-wrappers.service" ]; + after = [ "suid-sgid-wrappers.service" ]; + path = [ + pkgs.coreutils + ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = pkgs.writeDash "krebs.setuid.sh" '' + ${concatMapStringsSep "\n" + (getAttr "activate") + (attrValues config.krebs.setuid) + } + ''; + }; + unitConfig = { + DefaultDependencies = false; + }; + }; }; in out |