Loading nixos/modules/module-list.nix +2 −0 Original line number Diff line number Diff line Loading @@ -148,6 +148,7 @@ ./programs/alvr.nix ./programs/appgate-sdp.nix ./programs/appimage.nix ./programs/arp-scan.nix ./programs/atop.nix ./programs/ausweisapp.nix ./programs/autojump.nix Loading Loading @@ -296,6 +297,7 @@ ./programs/sysdig.nix ./programs/system-config-printer.nix ./programs/systemtap.nix ./programs/tcpdump.nix ./programs/thefuck.nix ./programs/thunar.nix ./programs/thunderbird.nix Loading nixos/modules/programs/arp-scan.nix 0 → 100644 +32 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let cfg = config.programs.arp-scan; in { options = { programs.arp-scan = { enable = lib.mkOption { type = lib.types.bool; default = false; description = '' Whether to configure a setcap wrapper for arp-scan. ''; }; }; }; config = lib.mkIf cfg.enable { security.wrappers.arp-scan = { owner = "root"; group = "root"; capabilities = "cap_net_raw+p"; source = lib.getExe pkgs.arp-scan; }; }; } nixos/modules/programs/iftop.nix +10 −4 Original line number Diff line number Diff line { config, pkgs, lib, ... }: { config, pkgs, lib, ... }: let cfg = config.programs.iftop; in { in { options = { programs.iftop.enable = lib.mkEnableOption "iftop + setcap wrapper"; programs.iftop.enable = lib.mkEnableOption "iftop and setcap wrapper for it"; }; config = lib.mkIf cfg.enable { environment.systemPackages = [ pkgs.iftop ]; Loading @@ -12,7 +18,7 @@ in { owner = "root"; group = "root"; capabilities = "cap_net_raw+p"; source = "${pkgs.iftop}/bin/iftop"; source = lib.getExe pkgs.iftop; }; }; } nixos/modules/programs/tcpdump.nix 0 → 100644 +36 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let cfg = config.programs.tcpdump; in { options = { programs.tcpdump = { enable = lib.mkOption { type = lib.types.bool; default = false; description = '' Whether to configure a setcap wrapper for tcpdump. To use it, add your user to the `pcap` group. ''; }; }; }; config = lib.mkIf cfg.enable { security.wrappers.tcpdump = { owner = "root"; group = "pcap"; capabilities = "cap_net_raw+p"; permissions = "u+rx,g+x"; source = lib.getExe pkgs.tcpdump; }; users.groups.pcap = { }; }; } nixos/modules/programs/traceroute.nix +9 −3 Original line number Diff line number Diff line { config, lib, pkgs, ... }: { config, lib, pkgs, ... }: let cfg = config.programs.traceroute; in { in { options = { programs.traceroute = { enable = lib.mkOption { Loading @@ -20,7 +26,7 @@ in { owner = "root"; group = "root"; capabilities = "cap_net_raw+p"; source = "${pkgs.traceroute}/bin/traceroute"; source = lib.getExe pkgs.traceroute; }; }; } Loading
nixos/modules/module-list.nix +2 −0 Original line number Diff line number Diff line Loading @@ -148,6 +148,7 @@ ./programs/alvr.nix ./programs/appgate-sdp.nix ./programs/appimage.nix ./programs/arp-scan.nix ./programs/atop.nix ./programs/ausweisapp.nix ./programs/autojump.nix Loading Loading @@ -296,6 +297,7 @@ ./programs/sysdig.nix ./programs/system-config-printer.nix ./programs/systemtap.nix ./programs/tcpdump.nix ./programs/thefuck.nix ./programs/thunar.nix ./programs/thunderbird.nix Loading
nixos/modules/programs/arp-scan.nix 0 → 100644 +32 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let cfg = config.programs.arp-scan; in { options = { programs.arp-scan = { enable = lib.mkOption { type = lib.types.bool; default = false; description = '' Whether to configure a setcap wrapper for arp-scan. ''; }; }; }; config = lib.mkIf cfg.enable { security.wrappers.arp-scan = { owner = "root"; group = "root"; capabilities = "cap_net_raw+p"; source = lib.getExe pkgs.arp-scan; }; }; }
nixos/modules/programs/iftop.nix +10 −4 Original line number Diff line number Diff line { config, pkgs, lib, ... }: { config, pkgs, lib, ... }: let cfg = config.programs.iftop; in { in { options = { programs.iftop.enable = lib.mkEnableOption "iftop + setcap wrapper"; programs.iftop.enable = lib.mkEnableOption "iftop and setcap wrapper for it"; }; config = lib.mkIf cfg.enable { environment.systemPackages = [ pkgs.iftop ]; Loading @@ -12,7 +18,7 @@ in { owner = "root"; group = "root"; capabilities = "cap_net_raw+p"; source = "${pkgs.iftop}/bin/iftop"; source = lib.getExe pkgs.iftop; }; }; }
nixos/modules/programs/tcpdump.nix 0 → 100644 +36 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let cfg = config.programs.tcpdump; in { options = { programs.tcpdump = { enable = lib.mkOption { type = lib.types.bool; default = false; description = '' Whether to configure a setcap wrapper for tcpdump. To use it, add your user to the `pcap` group. ''; }; }; }; config = lib.mkIf cfg.enable { security.wrappers.tcpdump = { owner = "root"; group = "pcap"; capabilities = "cap_net_raw+p"; permissions = "u+rx,g+x"; source = lib.getExe pkgs.tcpdump; }; users.groups.pcap = { }; }; }
nixos/modules/programs/traceroute.nix +9 −3 Original line number Diff line number Diff line { config, lib, pkgs, ... }: { config, lib, pkgs, ... }: let cfg = config.programs.traceroute; in { in { options = { programs.traceroute = { enable = lib.mkOption { Loading @@ -20,7 +26,7 @@ in { owner = "root"; group = "root"; capabilities = "cap_net_raw+p"; source = "${pkgs.traceroute}/bin/traceroute"; source = lib.getExe pkgs.traceroute; }; }; }
