From 489ca7e5c0af32159ce99db1beba259e7d84a9ef Mon Sep 17 00:00:00 2001 From: Anmol Sethi <anmol@aubble.com> Date: Sat, 1 Oct 2016 11:48:09 -0400 Subject: [PATCH] powerdns: removed PrivateTmp=true in serviceConfig As discussed in #18718 PrivateTmp is unnecessary because powerdns is chrooted to /var/lib/powerdns. I also added myself as co-maintainer. --- lib/maintainers.nix | 1 + nixos/modules/services/networking/powerdns.nix | 1 - pkgs/servers/dns/powerdns/default.nix | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/maintainers.nix b/lib/maintainers.nix index 08d6c8a8a71a..fd5441d987c5 100644 --- a/lib/maintainers.nix +++ b/lib/maintainers.nix @@ -290,6 +290,7 @@ nckx = "Tobias Geerinckx-Rice <tobias.geerinckx.rice@gmail.com>"; nequissimus = "Tim Steinbach <tim@nequissimus.com>"; nfjinjing = "Jinjing Wang <nfjinjing@gmail.com>"; + nhooyr = "Anmol Sethi <anmol@aubble.com>"; nico202 = "Nicolò Balzarotti <anothersms@gmail.com>"; notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>"; NikolaMandic = "Ratko Mladic <nikola@mandic.email>"; diff --git a/nixos/modules/services/networking/powerdns.nix b/nixos/modules/services/networking/powerdns.nix index 91ad63b88139..ba05e15389f6 100644 --- a/nixos/modules/services/networking/powerdns.nix +++ b/nixos/modules/services/networking/powerdns.nix @@ -35,7 +35,6 @@ in { Restart="on-failure"; RestartSec="1"; StartLimitInterval="0"; - PrivateTmp=true; PrivateDevices=true; CapabilityBoundingSet="CAP_CHOWN CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT"; NoNewPrivileges=true; diff --git a/pkgs/servers/dns/powerdns/default.nix b/pkgs/servers/dns/powerdns/default.nix index 63cd71e146b9..6eec9c3b3050 100644 --- a/pkgs/servers/dns/powerdns/default.nix +++ b/pkgs/servers/dns/powerdns/default.nix @@ -36,6 +36,6 @@ stdenv.mkDerivation rec { platforms = platforms.linux; # cannot find postgresql libs on macos x license = licenses.gpl2; - maintainers = [ maintainers.mic92 ]; + maintainers = [ maintainers.mic92 maintainers.nhooyr ]; }; }