Unverified Commit 248c463f authored by Grimmauld's avatar Grimmauld
Browse files

nixos/tmpfiles: explicitly set RestrictSUIDSGID = false 

This ensures the tmpfiles resetup service has permissions
to create suid/sgid files, even if `DefaultRestrictSUIDSGID`
is set in system.conf. This is required, as tmpfiles
are used to e.g. set file permissions on the journal
directory.`DefaultRestrictSUIDSGID` is a new feature
coming in systemd 258 [1].

[1] https://github.com/systemd/systemd/pull/38126
parent 5e872a49

nixos/modules/system/boot/systemd/tmpfiles.nix

+1 −0
Original line number Diff line number Diff line
@@ -280,6 +280,7 @@ in 
          "network.hosts"

          "ssh.authorized_keys.root"

        ];

        RestrictSUIDSGID = false;

      };

    };