nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-24 07:53:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

privoxy service: remove static uid

Browse Source 
The service owns no data, having a static uid serves no purpose.

This frees up uid/gid 32
This commit is contained in:
Joachim Fasting 2016-12-05 12:27:51 +01:00
parent ad88f1040e
commit 3dcdc2d2b0
No known key found for this signature in database
GPG Key ID: 7544761007FE4E08
2 changed files with 9 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/misc/ids.nix
View File

@ -58,7 +58,6 @@
#utmp = 29; # unused
ddclient = 30;
davfs2 = 31;
privoxy = 32;
#disnix = 33; # unused
osgi = 34;
tor = 35;
@ -322,7 +321,6 @@
utmp = 29;
#ddclient = 30; # unused
davfs2 = 31;
privoxy = 32;
disnix = 33;
osgi = 34;
tor = 35;

18
nixos/modules/services/networking/privoxy.nix
View File

@ -6,8 +6,6 @@ let
inherit (pkgs) privoxy;
privoxyUser = "privoxy";
cfg = config.services.privoxy;
confFile = pkgs.writeText "privoxy.conf" ''
@ -88,18 +86,20 @@ in
###### implementation
config = mkIf cfg.enable {
users.extraUsers = singleton
{ name = privoxyUser;
uid = config.ids.uids.privoxy;
description = "Privoxy daemon user";
};
users.users.privoxy = {
isSystemUser = true;
home = "/var/empty";
group = "privoxy";
};
users.groups.privoxy = {};
systemd.services.privoxy = {
description = "Filtering web proxy";
after = [ "network.target" "nss-lookup.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${privoxy}/sbin/privoxy --no-daemon --user ${privoxyUser} ${confFile}";
serviceConfig.ExecStart = "${privoxy}/bin/privoxy --no-daemon --user privoxy ${confFile}";
serviceConfig.PrivateDevices = true;
serviceConfig.PrivateTmp = true;