diff options
| author | rnhmjoj | 2021-09-12 18:53:48 +0200 |
|---|---|---|
| committer | rnhmjoj | 2021-09-13 13:48:13 +0200 |
| commit | fedd7cd6901646cb7e2a94a148d300f7b632d7e0 (patch) | |
| tree | 14b7af8318d75536656849335e20c51cdfdf3447 /nixos/modules/programs/wavemon.nix | |
| parent | 8f76a6eefcfa0c9904e0749f04b27090527ce09f (diff) | |
nixos: explicitely set security.wrappers ownership
This is slightly more verbose and inconvenient, but it forces you to think about what the wrapper ownership and permissions will be.
Diffstat (limited to 'nixos/modules/programs/wavemon.nix')
| -rw-r--r-- | nixos/modules/programs/wavemon.nix | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/nixos/modules/programs/wavemon.nix b/nixos/modules/programs/wavemon.nix index ac665fe4a023..e5ccacba75d4 100644 --- a/nixos/modules/programs/wavemon.nix +++ b/nixos/modules/programs/wavemon.nix @@ -21,8 +21,10 @@ in { config = mkIf cfg.enable { environment.systemPackages = with pkgs; [ wavemon ]; security.wrappers.wavemon = { - source = "${pkgs.wavemon}/bin/wavemon"; + owner = "root"; + group = "root"; capabilities = "cap_net_admin+ep"; + source = "${pkgs.wavemon}/bin/wavemon"; }; }; } |