mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-17 07:13:23 +01:00
Merge pull request #249323 from kevincox/photoprism-chmod
nixos.photoprism: Relax sandbox to allow running exiftool
This commit is contained in:
commit
96481fd201
1 changed files with 1 additions and 1 deletions
|
@ -123,7 +123,7 @@ in
|
||||||
RestrictNamespaces = true;
|
RestrictNamespaces = true;
|
||||||
RestrictRealtime = true;
|
RestrictRealtime = true;
|
||||||
SystemCallArchitectures = "native";
|
SystemCallArchitectures = "native";
|
||||||
SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
|
SystemCallFilter = [ "@system-service" "~@setuid @keyring" ];
|
||||||
UMask = "0066";
|
UMask = "0066";
|
||||||
} // lib.optionalAttrs (cfg.port < 1024) {
|
} // lib.optionalAttrs (cfg.port < 1024) {
|
||||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||||
|
|
Loading…
Reference in a new issue