b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

nixos/podman: wrap /run/wrappers for setuid shadow binaries

Browse source 
adding it here so it only needs to be done once
This commit is contained in:
zowoq 2023-02-10 08:21:36 +10:00
parent 8ee6a032ca
commit 04b9fcca93
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/virtualisation/podman/default.nix
View file

@ -7,6 +7,8 @@ let
podmanPackage = (pkgs.podman.override {
extraPackages = cfg.extraPackages
# setuid shadow
++ [ "/run/wrappers" ]
++ lib.optional (builtins.elem "zfs" config.boot.supportedFilesystems) config.boot.zfs.package;
});