mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-16 06:45:16 +01:00
cjdns service: allow writing keys to /etc
20e81f7c0d
prevented key generation in
`preStart`, leaving the service broken for the case where the user has
no pre-existing key.
Eventually, we ought to store the state elsewhere so that `/etc` can be
read-only but for now we fix this the easy way.
This commit is contained in:
parent
f9c684e152
commit
a0338afe5f
1 changed files with 1 additions and 1 deletions
|
@ -260,7 +260,7 @@ in
|
|||
RestartSec = 1;
|
||||
CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_RAW";
|
||||
AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_RAW";
|
||||
ProtectSystem = "full";
|
||||
ProtectSystem = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
ProtectHome = true;
|
||||
PrivateTmp = true;
|
||||
|
|
Loading…
Reference in a new issue