public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Beebooboop

This commit is contained in:
Parnell Springmeyer 2017-01-29 05:39:18 -06:00
parent a3e9d77640
commit 3215bcf445
No known key found for this signature in database
GPG Key ID: DCCF89258EAD874A
1 changed files with 10 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
nixos/modules/tasks/network-interfaces.nix
View File

@ -898,27 +898,19 @@ in
# Capabilities won't work unless we have at-least a 4.3 Linux # Capabilities won't work unless we have at-least a 4.3 Linux
# kernel because we need the ambient capability # kernel because we need the ambient capability
security = mkIf (versionAtLeast (getVersion config.boot.kernelPackages.kernel) "4.3") { security.wrappers = if (versionAtLeast (getVersion config.boot.kernelPackages.kernel) "4.3") then {
wrappers = { ping = {
ping = { source = "${pkgs.iputils.out}/bin/ping";
source = "${pkgs.iputils.out}/bin/ping"; capabilities = "cap_net_raw+p";
capabilities = "cap_net_raw+p";
};
ping6 = {
source = "${pkgs.iputils.out}/bin/ping6";
capabilities = "cap_net_raw+p";
};
}; };
};
# If the linux kernel IS older than 4.3, create setuid wrappers ping6 = {
# for ping and ping6 source = "${pkgs.iputils.out}/bin/ping6";
security = mkIf (versionOlder (getVersion config.boot.kernelPackages.kernel) "4.3") { capabilities = "cap_net_raw+p";
wrappers = {
ping.source = "${pkgs.iputils.out}/bin/ping";
"ping6".source = "${pkgs.iputils.out}/bin/ping6";
}; };
} else {
ping.source = "${pkgs.iputils.out}/bin/ping";
"ping6".source = "${pkgs.iputils.out}/bin/ping6";
}; };
# Set the host and domain names in the activation script. Don't # Set the host and domain names in the activation script. Don't