mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-27 01:13:05 +00:00
Merge pull request #30712 from peterhoeg/f/service
systemd user services shouldn't run as root and other "non-interactive" users
This commit is contained in:
commit
f2639566b5
@ -235,6 +235,7 @@ in
|
||||
systemd.user.services.ssh-agent = mkIf cfg.startAgent
|
||||
{ description = "SSH Agent";
|
||||
wantedBy = [ "default.target" ];
|
||||
unitConfig.ConditionUser = "!@system";
|
||||
serviceConfig =
|
||||
{ ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";
|
||||
ExecStart =
|
||||
|
@ -48,6 +48,7 @@ in {
|
||||
requires = [ "keybase.service" ];
|
||||
after = [ "keybase.service" ];
|
||||
path = [ "/run/wrappers" ];
|
||||
unitConfig.ConditionUser = "!@system";
|
||||
serviceConfig = {
|
||||
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${cfg.mountPoint}";
|
||||
ExecStart = "${pkgs.kbfs}/bin/kbfsfuse ${toString cfg.extraFlags} ${cfg.mountPoint}";
|
||||
|
@ -26,6 +26,7 @@ in {
|
||||
|
||||
systemd.user.services.keybase = {
|
||||
description = "Keybase service";
|
||||
unitConfig.ConditionUser = "!@system";
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${pkgs.keybase}/bin/keybase service --auto-forked
|
||||
|
Loading…
Reference in New Issue
Block a user