mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-03 12:23:02 +00:00
Merge pull request #249323 from kevincox/photoprism-chmod
nixos.photoprism: Relax sandbox to allow running exiftool
This commit is contained in:
commit
96481fd201
@ -123,7 +123,7 @@ in
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
|
||||
SystemCallFilter = [ "@system-service" "~@setuid @keyring" ];
|
||||
UMask = "0066";
|
||||
} // lib.optionalAttrs (cfg.port < 1024) {
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||
|
Loading…
Reference in New Issue
Block a user