diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2017-03-14 17:28:37 +0100 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2017-03-14 17:28:37 +0100 |
| commit | e100119827474928636c2ed9a9772f3c5107663b (patch) | |
| tree | 80833a41f9f067125fea734b134b0a9424fd7159 /custom/uucp.nix | |
| parent | 000d46fbd462dc59aa143261b894f9c470e54040 (diff) | |
| parent | f655f88cbbc334ad56a79c2287f18defa5aa98ba (diff) | |
| download | nixos-e100119827474928636c2ed9a9772f3c5107663b.tar nixos-e100119827474928636c2ed9a9772f3c5107663b.tar.gz nixos-e100119827474928636c2ed9a9772f3c5107663b.tar.bz2 nixos-e100119827474928636c2ed9a9772f3c5107663b.tar.xz nixos-e100119827474928636c2ed9a9772f3c5107663b.zip | |
Merge branch 'master' of git:nixos
Diffstat (limited to 'custom/uucp.nix')
| -rw-r--r-- | custom/uucp.nix | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/custom/uucp.nix b/custom/uucp.nix index d7c2aae2..0b4b1306 100644 --- a/custom/uucp.nix +++ b/custom/uucp.nix | |||
| @@ -208,7 +208,17 @@ in { | |||
| 208 | text = config.services.uucp.extraSys + "\n" + concatStringsSep "\n" (map sysSpec config.services.uucp.remoteNodes); | 208 | text = config.services.uucp.extraSys + "\n" + concatStringsSep "\n" (map sysSpec config.services.uucp.remoteNodes); |
| 209 | }; | 209 | }; |
| 210 | 210 | ||
| 211 | security.setuidOwners = map (p: {program = p; owner = "root"; group = "root"; setuid = true; setgid = false;}) ["uucico" "uuxqt" "cu" "uucp" "uuname" "uustat" "uux"]; | 211 | security.wrappers = let |
| 212 | wrapper = p: { name = p; | ||
| 213 | value = { | ||
| 214 | source = "${pkgs.uucp}/bin/${p}"; | ||
| 215 | owner = "root"; | ||
| 216 | group = "root"; | ||
| 217 | setuid = true; | ||
| 218 | setgid = false; | ||
| 219 | }; | ||
| 220 | }; | ||
| 221 | in listToAttrs (map wrapper ["uucico" "uuxqt" "cu" "uucp" "uuname" "uustat" "uux"]); | ||
| 212 | 222 | ||
| 213 | nixpkgs.config.packageOverrides = pkgs: with pkgs; { | 223 | nixpkgs.config.packageOverrides = pkgs: with pkgs; { |
| 214 | uucp = stdenv.lib.overrideDerivation uucp (oldAttrs: { | 224 | uucp = stdenv.lib.overrideDerivation uucp (oldAttrs: { |
| @@ -227,7 +237,7 @@ in { | |||
| 227 | choices as appropriate. */ | 237 | choices as appropriate. */ |
| 228 | #if 1 | 238 | #if 1 |
| 229 | -#define MAIL_PROGRAM "/usr/lib/sendmail -t" | 239 | -#define MAIL_PROGRAM "/usr/lib/sendmail -t" |
| 230 | +#define MAIL_PROGRAM "/var/setuid-wrappers/sendmail -t" | 240 | +#define MAIL_PROGRAM "${config.security.wrapperDir}/sendmail -t" |
| 231 | /* #define MAIL_PROGRAM "/usr/sbin/sendmail -t" */ | 241 | /* #define MAIL_PROGRAM "/usr/sbin/sendmail -t" */ |
| 232 | #define MAIL_PROGRAM_TO_BODY 1 | 242 | #define MAIL_PROGRAM_TO_BODY 1 |
| 233 | #define MAIL_PROGRAM_SUBJECT_BODY 1 | 243 | #define MAIL_PROGRAM_SUBJECT_BODY 1 |
| @@ -246,7 +256,7 @@ in { | |||
| 246 | *) from="$from@$relay";; | 256 | *) from="$from@$relay";; |
| 247 | esac | 257 | esac |
| 248 | 258 | ||
| 249 | exec /var/setuid-wrappers/sendmail -i -f "$from" -- "$@" | 259 | exec ${config.security.wrapperDir}/sendmail -G -i -f "$from" -- "$@" |
| 250 | ''; | 260 | ''; |
| 251 | }; | 261 | }; |
| 252 | 262 | ||
| @@ -254,6 +264,6 @@ in { | |||
| 254 | uucp | 264 | uucp |
| 255 | ]; | 265 | ]; |
| 256 | 266 | ||
| 257 | services.cron.systemCronJobs = (map (name: "${config.services.uucp.interval} /var/setuid-wrappers/uucico -D -S ${name}") (if (config.services.uucp.interval != null) then config.services.uucp.remoteNodes else [])); | 267 | services.cron.systemCronJobs = (map (name: "${config.services.uucp.interval} ${config.security.wrapperDir}/uucico -D -S ${name}") (if (config.services.uucp.interval != null) then config.services.uucp.remoteNodes else [])); |
| 258 | }; | 268 | }; |
| 259 | } | 269 | } |