mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-18 15:56:50 +01:00
3364a1c1a1
fixes this warning: cdrecord <= 2.01.01a05 will be run with root privileges on kernel >= 2.6.8 Since Linux kernel 2.6.8 cdrecord <= 2.01.01a05 will not work when run suid root for security reasons anymore.
52 lines
1.2 KiB
Nix
52 lines
1.2 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
# interface
|
|
options.programs.k3b = {
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = lib.mdDoc ''
|
|
Whether to enable k3b, the KDE disk burning application.
|
|
|
|
Additionally to installing `k3b` enabling this will
|
|
add `setuid` wrappers in `/run/wrappers/bin`
|
|
for both `cdrdao` and `cdrecord`. On first
|
|
run you must manually configure the path of `cdrdae` and
|
|
`cdrecord` to correspond to the appropriate paths under
|
|
`/run/wrappers/bin` in the "Setup External Programs" menu.
|
|
'';
|
|
};
|
|
};
|
|
|
|
# implementation
|
|
config = mkIf config.programs.k3b.enable {
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
k3b
|
|
dvdplusrwtools
|
|
cdrdao
|
|
cdrtools
|
|
];
|
|
|
|
security.wrappers = {
|
|
cdrdao = {
|
|
setuid = true;
|
|
owner = "root";
|
|
group = "cdrom";
|
|
permissions = "u+wrx,g+x";
|
|
source = "${pkgs.cdrdao}/bin/cdrdao";
|
|
};
|
|
cdrecord = {
|
|
setuid = true;
|
|
owner = "root";
|
|
group = "cdrom";
|
|
permissions = "u+wrx,g+x";
|
|
source = "${pkgs.cdrtools}/bin/cdrecord";
|
|
};
|
|
};
|
|
|
|
};
|
|
}
|