de251704d6
nscd doesn't create any files outside of /run/nscd unless the nscd.conf "persistent" option is used, which we don't do by default. Therefore it doesn't matter what UID/GID we run this service as, so long as it isn't shared with any other running processes. /run/nscd does need to be owned by the same UID that the service is running as, but systemd takes care of that for us thanks to the RuntimeDirectory directive. If someone wants to turn on the "persistent" option, they need to manually configure users.users.nscd and systemd.tmpfiles.rules so that /var/db/nscd is owned by the same user that nscd runs as. In an all-defaults boot.isContainer configuration of NixOS, this removes the only user which did not have a pre-assigned UID. |
||
|---|---|---|
| .. | ||
| kerberos | ||
| cgmanager.nix | ||
| cloud-init.nix | ||
| dbus.nix | ||
| earlyoom.nix | ||
| localtime.nix | ||
| nscd.conf | ||
| nscd.nix | ||
| saslauthd.nix | ||
| uptimed.nix | ||