Unverified Commit 19a49413 authored by rnhmjoj's avatar rnhmjoj
Browse files

nixos/resolvconf: add a resolvconf group 

This group is useful to allow specific users to run resolvconf and
(and this modify /etc/resolv.conf) without root privileges.
parent 9387bb89

nixos/modules/config/resolvconf.nix

+8 −5
Original line number Diff line number Diff line
@@ -132,6 +132,8 @@ in 
    }



    (lib.mkIf cfg.enable {

      users.groups.resolvconf = {};



      networking.resolvconf.package = pkgs.openresolv;



      environment.systemPackages = [ cfg.package ];
@@ -143,12 +145,13 @@ in 
        wants = [ "network-pre.target" ];

        wantedBy = [ "multi-user.target" ];

        restartTriggers = [ config.environment.etc."resolvconf.conf".source ];

        serviceConfig.RemainAfterExit = true;



        serviceConfig = {

          Type = "oneshot";

          ExecStart = "${cfg.package}/bin/resolvconf -u";

          RemainAfterExit = true;

        };

        script = ''

          ${lib.getExe cfg.package} -u

          chgrp -R resolvconf /etc/resolv.conf /run/resolvconf

          chmod -R g=u /etc/resolv.conf /run/resolvconf

        '';

      };



    })