diff options
| author | Benno Fünfstück <benno.fuenfstueck@gmail.com> | 2016-08-19 14:47:11 +0200 |
|---|---|---|
| committer | Benno Fünfstück <benno.fuenfstueck@gmail.com> | 2016-08-19 14:59:33 +0200 |
| commit | 51b165c7d20d53b4581622a934a9e0abd7e43800 (patch) | |
| tree | 1f388636f16d15a0b9263318a461d9e31235cd28 /nixos/modules/programs/shadow.nix | |
| parent | 80dbdba6dda9b7adc49027de09f6db0ab2e7503c (diff) | |
nixos/shadow: setuid wrappers for new{uid,gid}map
These utils are not related to user management, so they should be available even if immutable users are enabled.
Diffstat (limited to 'nixos/modules/programs/shadow.nix')
| -rw-r--r-- | nixos/modules/programs/shadow.nix | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/nixos/modules/programs/shadow.nix b/nixos/modules/programs/shadow.nix index 6398509357a62..878c9cc0cf098 100644 --- a/nixos/modules/programs/shadow.nix +++ b/nixos/modules/programs/shadow.nix @@ -103,10 +103,9 @@ in }; security.setuidPrograms = [ "su" "chfn" ] + ++ [ "newuidmap" "newgidmap" ] # new in shadow 4.2.x ++ lib.optionals config.users.mutableUsers - [ "passwd" "sg" "newgrp" - "newuidmap" "newgidmap" # new in shadow 4.2.x - ]; + [ "passwd" "sg" "newgrp" ]; }; |