public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #58458 from worldofpeace/colord/no-root 

nixos/colord: don't run as root
This commit is contained in:
Silvan Mosberger 2019-03-30 04:06:55 +01:00 committed by GitHub
parent 2806041afc f22fbe1175
commit 81e2fb5303
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
nixos/modules/services/x11/colord.nix
View File

@ -18,22 +18,23 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.colord ];
services.dbus.packages = [ pkgs.colord ]; services.dbus.packages = [ pkgs.colord ];
services.udev.packages = [ pkgs.colord ]; services.udev.packages = [ pkgs.colord ];
environment.systemPackages = [ pkgs.colord ]; systemd.packages = [ pkgs.colord ];
systemd.services.colord = { environment.etc."tmpfiles.d/colord.conf".source = "${pkgs.colord}/lib/tmpfiles.d/colord.conf";
description = "Manage, Install and Generate Color Profiles";
serviceConfig = { users.users.colord = {
Type = "dbus"; home = "/var/lib/colord";
BusName = "org.freedesktop.ColorManager"; group = "colord";
ExecStart = "${pkgs.colord}/libexec/colord";
PrivateTmp = true;
};
}; };
users.groups.colord = {};
}; };
} }

1
pkgs/tools/misc/colord/default.nix
View File

@ -56,6 +56,7 @@ stdenv.mkDerivation rec {
"-Dlibcolordcompat=true" "-Dlibcolordcompat=true"
"-Dsane=true" "-Dsane=true"
"-Dvapi=true" "-Dvapi=true"
"-Ddaemon_user=colord"
]; ];
nativeBuildInputs = [ nativeBuildInputs = [