forked from DGNum/liminix
add o+x permission on service-state directories
this is needed for resolvconf, which writes resolv.conf as an output and wants to make it world-readable
This commit is contained in:
parent
ff2d3e1a63
commit
aecbe08f08
4 changed files with 4 additions and 3 deletions
|
@ -128,6 +128,7 @@ in rec {
|
|||
( in_outputs ${name}
|
||||
echo "nameserver $(output ${services.wan} ns1)" > resolv.conf
|
||||
echo "nameserver $(output ${services.wan} ns2)" >> resolv.conf
|
||||
chmod 0444 resolv.conf
|
||||
)
|
||||
'';
|
||||
down = ''
|
||||
|
|
|
@ -22,7 +22,7 @@ let
|
|||
++
|
||||
(mapAttrsToList (name: opts: "peer ${name} ${concatStringsSep "" opts}")
|
||||
p.peers)
|
||||
++ [ "user ${p.user}" ]
|
||||
++ lib.optional (p.user != null) "user ${p.user}"
|
||||
++ (lib.optional (p.makestep != null) "makestep ${toString p.makestep.threshold} ${toString p.makestep.limit}")
|
||||
++ (map (n: "allow ${n}") p.allow)
|
||||
++ (lib.optional (p.bindaddress != null) "bindaddress ${p.bindaddress}")
|
||||
|
|
|
@ -21,7 +21,7 @@ mount -t sysfs none /sys
|
|||
mkdir /dev/pts
|
||||
mount -t devpts none /dev/pts
|
||||
|
||||
mkdir -m 0750 /run/service-state
|
||||
mkdir -m 0751 /run/service-state
|
||||
chgrp system /run/service-state
|
||||
|
||||
### If your services are managed by s6-rc:
|
||||
|
|
|
@ -4,7 +4,7 @@ writeText "service-fns.sh" ''
|
|||
output_path() { echo $(realpath $1/.outputs)/$2; }
|
||||
mkoutputs() {
|
||||
d=/run/service-state/$1
|
||||
mkdir -m 2750 -p $d && chown root:system $d
|
||||
mkdir -m 2751 -p $d && chown root:system $d
|
||||
echo $d
|
||||
}
|
||||
in_outputs() {
|
||||
|
|
Loading…
Reference in a new issue