blob: 98996966c268355471d05261f94d84261db911f4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
{ config, pkgs, lib, ... }:
let
dirs = config.nixsap.system.worldWritableDirs;
in {
options.nixsap.system.worldWritableDirs = lib.mkOption {
type = lib.types.listOf lib.types.path;
description = "These dirs will be chmod'ed 1777";
default = [ "/tmp" "/var/tmp" ];
};
config = lib.mkIf (dirs != []) {
systemd.services.chmod1777 = {
description = "Make some dirs world-writable";
unitConfig.RequiresMountsFor = dirs;
before = [ "local-fs.target" ];
wantedBy = [ "local-fs.target" ];
serviceConfig = {
ExecStart = "${pkgs.coreutils}/bin/chmod -c 1777 ${lib.concatStringsSep " " dirs}";
Type = "oneshot";
RemainAfterExit = true;
};
};
};
}
|
