diff options
author | William A. Kennington III <william@wkennington.com> | 2014-06-25 03:28:53 -0500 |
---|---|---|
committer | William A. Kennington III <william@wkennington.com> | 2014-08-13 15:08:43 -0500 |
commit | 24368beed84506cf930a355b12e9b17b926dd359 (patch) | |
tree | 5dd25f8bd3ef64bce5c9268edc109af95a084198 /nixos/modules/services/networking/dhcpd.nix | |
parent | 4fbf120e8454d722df72ac1a49f1a8d707c0b46f (diff) |
nixos/dhcpd: Use dhcp user instead of nobody
Diffstat (limited to 'nixos/modules/services/networking/dhcpd.nix')
-rw-r--r-- | nixos/modules/services/networking/dhcpd.nix | 29 |
1 files changed, 8 insertions, 21 deletions
diff --git a/nixos/modules/services/networking/dhcpd.nix b/nixos/modules/services/networking/dhcpd.nix index 0c6783760de16..2bc4e5eda43cb 100644 --- a/nixos/modules/services/networking/dhcpd.nix +++ b/nixos/modules/services/networking/dhcpd.nix @@ -66,24 +66,6 @@ in "; }; - user = mkOption { - default = "nobody"; - type = types.nullOr types.str; - description = '' - The user to drop privileges to after the daemon has started. - A value of null disables the user privilege change. - ''; - }; - - group = mkOption { - default = "nogroup"; - type = types.nullOr types.str; - description = '' - The group to drop privileges to after the daemon has started. - A value of null disables the group privilege change. - ''; - }; - configFile = mkOption { default = null; description = " @@ -126,6 +108,13 @@ in config = mkIf config.services.dhcpd.enable { + users = { + extraUsers.dhcpd = { + uid = config.ids.uids.dhcpd; + description = "DHCP daemon user"; + }; + }; + jobs.dhcpd = { description = "DHCP server"; @@ -139,9 +128,7 @@ in touch ${stateDir}/dhcpd.leases exec ${pkgs.dhcp}/sbin/dhcpd -f --no-pid -cf ${configFile} \ - -lf ${stateDir}/dhcpd.leases \ - ${optionalString (cfg.user != null) "-user ${cfg.user}"} \ - ${optionalString (cfg.group != null) "-group ${cfg.group}"} \ + -lf ${stateDir}/dhcpd.leases -user dhcpd -group nogroup \ ${toString cfg.interfaces} ''; }; |