1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 13:41:26 +00:00
nixpkgs/nixos/modules
Dominique Martinet d8fa2627f3 mpd: remove user/group from conf
the options should not be set as we already change user with service
file, man mpd.conf says "Do not use this option if you start MPD as an
unprivileged user"

The group option actually is not documented at all anymore and probably
no longer exists.

These options get in the way of setting up confinement for the service,
as it would otherwise be pretty straightforward to setup, but even if
mpd is not root it would check the user exists within the chroot which
is more work (need to get nss working):

  systemd.services.mpd = {
    serviceConfig.BindPaths = [
      # mpd state dir
      "/var/lib/mpd"
      # notify systemd service started up
      "/run/systemd/notify"
    ];
    serviceConfig.BindReadOnlyPaths = [
      "/path/to/music:/var/lib/mpd/music"
    ];
    # ProtectSystem is not compatible with confinement
    serviceConfig.ProtectSystem = lib.mkForce false;
    confinement = {
      enable = true;
      binSh = null;
      mode = "chroot-only";
    };
  };
2020-05-10 20:24:33 +02:00
..
config nixos/systemd: move NSS module logic to systemd module 2020-05-05 15:59:30 +02:00
hardware nixos/device-tree: fix package name in examples 2020-05-10 20:13:54 +02:00
i18n/input-method Revert "ibus: fix dconf db installation" 2020-04-24 18:22:59 -04:00
installer Merge pull request #85996 from misuzu/nixos-install-low-memory 2020-05-08 18:40:24 +03:00
misc Update link in /etc/os-release (#85723) 2020-04-22 00:16:22 +02:00
profiles Merge pull request #74378 from ttuegel/lxc-container 2020-04-25 16:25:15 +02:00
programs Merge master into staging-next 2020-05-05 19:51:09 +02:00
security nixos/confinement: add conflict for ProtectSystem service option 2020-05-10 19:25:41 +02:00
services mpd: remove user/group from conf 2020-05-10 20:24:33 +02:00
system nixos/raspberrypi-builder: fix cross using buildPackages 2020-05-10 16:03:31 +02:00
tasks nixos/networking: move network-link-${i.name} to scripted networking 2020-04-13 22:03:35 +02:00
testing nixos/service-runner.nix: Allow quotes in commands + test 2020-02-28 14:26:29 +01:00
virtualisation Merge branch 'staging-next' 2020-05-06 08:20:05 +02:00
module-list.nix nixos/doas: init 2020-05-04 15:56:06 -07:00
rename.nix prey-bash-client: remove 2020-04-28 09:44:55 +01:00