diff options
| author | Thiago Kenji Okada | 2024-06-24 18:49:48 -0300 |
|---|---|---|
| committer | Thiago Kenji Okada | 2024-06-24 19:01:17 -0300 |
| commit | 406ebf3ad6bce74453e5fb6b66521ee64a15b391 (patch) | |
| tree | 11e000e6283e95448cf36f3180c92476b1b3f652 /nixos/modules | |
| parent | b8cd02c34f1f64660c7a5a5f22fb2825574f0c23 (diff) | |
nixos/rtorrent: make RuntimeDirectory not world readable
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/services/torrent/rtorrent.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/torrent/rtorrent.nix b/nixos/modules/services/torrent/rtorrent.nix index b2fa6c30c4e0..e0ce33d13462 100644 --- a/nixos/modules/services/torrent/rtorrent.nix +++ b/nixos/modules/services/torrent/rtorrent.nix @@ -204,7 +204,7 @@ in { ExecStartPre=''${pkgs.bash}/bin/bash -c "if test -e ${cfg.dataDir}/session/rtorrent.lock && test -z $(${pkgs.procps}/bin/pidof rtorrent); then rm -f ${cfg.dataDir}/session/rtorrent.lock; fi"''; ExecStart="${cfg.package}/bin/rtorrent -n -o system.daemon.set=true -o import=${rtorrentConfigFile}"; RuntimeDirectory = "rtorrent"; - RuntimeDirectoryMode = 755; + RuntimeDirectoryMode = 750; CapabilityBoundingSet = [ "" ]; LockPersonality = true; |