Figured out how to correctly change ownership
This commit is contained in:
parent
a72e23a198
commit
49009f67e7
|
|
@ -74,7 +74,7 @@ let
|
||||||
after = [ "network-online.target" ];
|
after = [ "network-online.target" ];
|
||||||
description =
|
description =
|
||||||
"Heimdal Kerberos Key Distribution Center (primary ticket server).";
|
"Heimdal Kerberos Key Distribution Center (primary ticket server).";
|
||||||
path = with pkgs; [ heimdal ];
|
path = with pkgs; [ heimdal coreutils ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
PrivateDevices = true;
|
PrivateDevices = true;
|
||||||
PrivateTmp = true;
|
PrivateTmp = true;
|
||||||
|
|
@ -97,10 +97,12 @@ let
|
||||||
RestartSec = "5s";
|
RestartSec = "5s";
|
||||||
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
||||||
SecureBits = "keep-caps";
|
SecureBits = "keep-caps";
|
||||||
ExecStartPre = ''
|
ExecStartPre = let
|
||||||
chown ${cfg.user}:${cfg.group} ${cfg.kdc.database}
|
chownScript = ''
|
||||||
chown ${cfg.user}:${cfg.group} ${cfg.kdc.state-directory}/kerberos.log
|
chown ${cfg.user}:${cfg.group} ${cfg.kdc.database}
|
||||||
'';
|
chown ${cfg.user}:${cfg.group} ${cfg.kdc.state-directory}/kerberos.log
|
||||||
|
'';
|
||||||
|
in "+${chownScript}";
|
||||||
ExecStart = let
|
ExecStart = let
|
||||||
ips = if (cfg.kdc.bind-addresses != [ ]) then
|
ips = if (cfg.kdc.bind-addresses != [ ]) then
|
||||||
cfg.kdc.bind-addresses
|
cfg.kdc.bind-addresses
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue