dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

nixos/snapper: services.snapperd sync serviceConfig with upstream

Browse Source
This commit is contained in:
Artturin 2021-09-23 05:51:58 +03:00
parent 25d3e6d01f
commit 7001a46766
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
nixos/modules/services/misc/snapper.nix
View File

@ -138,6 +138,13 @@ in
Type = "dbus";
BusName = "org.opensuse.Snapper";
ExecStart = "${pkgs.snapper}/bin/snapperd";
CapabilityBoundingSet = "CAP_DAC_OVERRIDE CAP_FOWNER CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_SYS_ADMIN CAP_SYS_MODULE CAP_IPC_LOCK CAP_SYS_NICE";
LockPersonality = true;
NoNewPrivileges = false;
PrivateNetwork = true;
ProtectHostname = true;
RestrictAddressFamilies = "AF_UNIX";
RestrictRealtime = true;
};
};