nixpkgs/nixos/modules
Luflosi 3c63da7cf8
nixos/tor: allow tor to read resolv.conf when using resolved
When `services.resolved.enable` is set to true, the file /etc/resolv.conf becomes a symlink to /etc/static/resolv.conf, which is a symlink to /run/systemd/resolve/stub-resolv.conf. Without this commit, tor does not have access to this file thanks to systemd confinement. This results in the following warning when tor starts:
```
[warn] Unable to stat resolver configuration in '/etc/resolv.conf': No such file or directory
[warn] Could not read your DNS config from '/etc/resolv.conf' - please investigate your DNS configuration. This is possibly a problem. Meanwhile, falling back to local DNS at 127.0.0.1.
```
To fix this, simply allow read-only access to the file when resolved is in use.
According to https://github.com/NixOS/nixpkgs/pull/161818#discussion_r824820462, the symlink may also point to /run/systemd/resolve/resolv.conf, so allow that as well.
2022-03-15 15:16:14 +01:00
..
config nixos/fonts: Remove ancient bitmap fonts from defaultXFonts 2022-03-13 15:37:48 -07:00
hardware nixos/nvidia: add vaapi support 2022-03-14 22:35:11 -07:00
i18n/input-method nixos/documentation: split options doc build 2022-01-02 19:46:13 +01:00
installer nix-fallback-paths.nix: Update to 2.7.0 2022-03-08 22:40:16 +08:00
misc nixos/os-release: generate from attrset 2022-03-04 09:36:40 +08:00
profiles nixos/nix-daemon: use structural settings 2022-01-26 21:04:50 -05:00
programs nixos/captive-browser: add to menu bar 2022-03-13 20:22:00 +08:00
security Merge pull request #156858: nixos/polkit: don't enable by default 2022-03-05 14:48:35 +01:00
services nixos/tor: allow tor to read resolv.conf when using resolved 2022-03-15 15:16:14 +01:00
system nixos/switch-to-configuration: fix installBootLoader escaping 2022-03-14 02:12:52 +01:00
tasks treewide: remove obsolete kernel version checks 2022-02-19 21:09:19 +00:00
testing nixos/tests: also set TimeoutStart in systemd.user.extraConfig 2022-01-21 04:18:05 +01:00
virtualisation nixos/oci-containers: improve description of imageFile 2022-03-12 11:14:22 +01:00
module-list.nix nixos/systembus-notify: add support for system services notifying users 2022-03-13 20:21:21 +08:00
rename.nix Remove F-PROT package and service module (EoL) (#160372) 2022-03-02 21:51:47 +02:00