0dc4fe0a44
In #68792 it was discovered that /dev/fuse doesn't have wordl-read-writeable permissions anymore. The cause of this is that the tmpfiles examples in systemd were reorganized and split into more files. We thus lost some of the configuration we were depending on. In this commit some of the new tmpfiles configuration that are applicable to us are added which also makes wtmp/lastlog in the pam module not necessary anymore. Rationale for the new tmpfile configs: - `journal-nowcow.conf`: Contains chattr +C for journald logs which makes sense on copy-on-write filesystems like Btrfs. Other filesystems shouldn't do anything funny when that flag is set. - `static-nodes-permissions.conf`: Contains some permission overrides for some device nodes like audio, loop, tun, fuse and kvm. - `systemd-nspawn.conf`: Makes sure `/var/lib/machines` exists and old snapshots are properly removed. - `systemd-tmp.conf`: Removes systemd services related private tmp folders and temporary coredump files. - `var.conf`: Creates some useful directories in `/var` which we would create anyway at some point. Also includes `/var/log/{wtmp,btmp,lastlog}`. Fixes #68792. |
||
|---|---|---|
| .. | ||
| config | ||
| hardware | ||
| i18n/input-method | ||
| installer | ||
| misc | ||
| profiles | ||
| programs | ||
| security | ||
| services | ||
| system | ||
| tasks | ||
| testing | ||
| virtualisation | ||
| module-list.nix | ||
| rename.nix | ||