mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-17 19:21:04 +00:00
Code Issues Wiki Activity

resolvconf: use correct output files when used with dnsmasq

Browse source
This commit is contained in:
David McFarland 2024-10-15 23:00:40 -03:00
parent 538f39e5cf
commit 403604ca66
3 changed files with 20 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
nixos/modules/config/resolvconf.nix
View file

@ -114,6 +114,15 @@ in
'';
};
subscriberFiles = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [];
description = ''
Files written by resolvconf updates
'';
internal = true;
};
};
};
@ -134,6 +143,8 @@ in
(lib.mkIf cfg.enable {
users.groups.resolvconf = {};
networking.resolvconf.subscriberFiles = [ "/etc/resolv.conf" ];
networking.resolvconf.package = pkgs.openresolv;
environment.systemPackages = [ cfg.package ];
@ -150,8 +161,9 @@ in
script = ''
${lib.getExe cfg.package} -u
chgrp -R resolvconf /etc/resolv.conf /run/resolvconf
chmod -R g=u /etc/resolv.conf /run/resolvconf
files=(/run/resolvconf ${lib.escapeShellArgs cfg.subscriberFiles})
chgrp -R resolvconf "''${files[@]}"
chmod -R g=u "''${files[@]}"
'';
};

2
nixos/modules/services/networking/dhcpcd.nix
View file

@ -250,7 +250,7 @@ in
Restart = "always";
AmbientCapabilities = [ "CAP_NET_ADMIN" "CAP_NET_RAW" "CAP_NET_BIND_SERVICE" ];
ReadWritePaths = [ "/proc/sys/net/ipv6" ]
++ lib.optionals useResolvConf [ "/etc/resolv.conf" "/run/resolvconf" ];
++ lib.optionals useResolvConf ([ "/run/resolvconf" ] ++ config.networking.resolvconf.subscriberFiles);
DeviceAllow = "";
LockPersonality = true;
MemoryDenyWriteExecute = true;

5
nixos/modules/services/networking/dnsmasq.nix
View file

@ -133,6 +133,11 @@ in
dnsmasq_conf=/etc/dnsmasq-conf.conf
dnsmasq_resolv=/etc/dnsmasq-resolv.conf
'';
subscriberFiles = [
"/etc/dnsmasq-conf.conf"
"/etc/dnsmasq-resolv.conf"
];
};
systemd.services.dnsmasq = {