fail2ban: Fix preStart action

Creating /run/fail2ban didn't work since it didn't have write permission to /run. Now it does. Reported by Thomas Bereknyei.
2013-12-11 21:14:17 +01:00 · 2013-12-11 21:14:17 +01:00 · 14018c2de1
parent ee8a58a72f
commit 14018c2de1
1 changed files with 1 additions and 1 deletions
--- a/nixos/modules/services/security/fail2ban.nix
+++ b/nixos/modules/services/security/fail2ban.nix
@ -106,7 +106,7 @@ in
        serviceConfig =
          { ExecStart = "${pkgs.fail2ban}/bin/fail2ban-server -f";
            ReadOnlyDirectories = "/";
-            ReadWriteDirectories = "/run/fail2ban /var/tmp";
+            ReadWriteDirectories = "/run /var/tmp";
            CapabilityBoundingSet = "CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW";
          };