talexander/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

nixos/systemd: run0: enable setLoginUid, disable pamMount (#428459)

Browse Source
This commit is contained in:
Florian Klink 2025-07-26 19:51:50 +02:00 committed by GitHub
commit e9df8b4e2f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/modules/system/boot/systemd.nix
View File

@ -838,7 +838,11 @@ in
# error that were trying to avoid cant possibly happen if polkit isnt enabled. When polkit isnt # error that were trying to avoid cant possibly happen if polkit isnt enabled. When polkit isnt
# enabled, run0 will fail before it even tries to run the command. # enabled, run0 will fail before it even tries to run the command.
security.pam.services = mkIf config.security.polkit.enable { security.pam.services = mkIf config.security.polkit.enable {
systemd-run0 = { }; systemd-run0 = {
# Upstream config: https://github.com/systemd/systemd/blob/main/src/run/systemd-run0.in
setLoginUid = true;
pamMount = false;
};
}; };
}; };