Commit 37874d41 authored by Berk D. Demir's avatar Berk D. Demir
Browse files

nixos/tpm2: Fix FAPI directory permission setting 

Use `tssUser` option value for FAPI log directory user in
systemd-tmpfiles rules, instead of hardcoding `tss`.

If `security.tpm2.abrmd.enable = false` (default), `tssUser` is root.

Fixes systemd-tmpfiles-resetup error:
  /etc/tmpfiles.d/00-nixos.conf:<ln>: Failed to resolve user 'tss': No such process
parent 0b4defa2

nixos/modules/security/tpm2.nix

+1 −1
Original line number Diff line number Diff line
@@ -380,7 +380,7 @@ in 
      {

        environment.etc."tpm2-tss/fapi-config.json".source = fapiConfig;

        systemd.tmpfiles.rules = [

          "d ${cfg.fapi.logDir} 2750 tss ${cfg.tssGroup} -"

          "d ${cfg.fapi.logDir} 2750 ${cfg.tssUser} ${cfg.tssGroup} -"

          "d ${cfg.fapi.systemDir} 2750 root ${cfg.tssGroup} -"

        ];

      }