nixos/openrazer: Add a users option
This commit is contained in:
parent
42c6771744
commit
465c9269dd
3 changed files with 18 additions and 6 deletions
|
@ -656,8 +656,11 @@
|
|||
no longer need be granted the entire set of
|
||||
<literal>plugdev</literal> group permissions, which can
|
||||
include permissions other than those required by
|
||||
<literal>openrazer</literal>. This can be desirable from a
|
||||
security point of view.
|
||||
<literal>openrazer</literal>. This is desirable from a
|
||||
security point of view. The setting
|
||||
<link xlink:href="options.html#opt-services.hardware.openrazer.users"><literal>harware.openrazer.users</literal></link>
|
||||
can be used to add users to the <literal>openrazer</literal>
|
||||
group.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
|
|
@ -164,7 +164,7 @@ pt-services.clipcat.enable).
|
|||
|
||||
- `programs.neovim.runtime` switched to a `linkFarm` internally, making it impossible to use wildcards in the `source` argument.
|
||||
|
||||
- The `openrazer` and `openrazer-daemon` packages as well as the `hardware.openrazer` module now require users to be members of the `openrazer` group instead of `plugdev`. With this change, users no longer need be granted the entire set of `plugdev` group permissions, which can include permissions other than those required by `openrazer`. This can be desirable from a security point of view.
|
||||
- The `openrazer` and `openrazer-daemon` packages as well as the `hardware.openrazer` module now require users to be members of the `openrazer` group instead of `plugdev`. With this change, users no longer need be granted the entire set of `plugdev` group permissions, which can include permissions other than those required by `openrazer`. This is desirable from a security point of view. The setting [`harware.openrazer.users`](options.html#opt-services.hardware.openrazer.users) can be used to add users to the `openrazer` group.
|
||||
|
||||
## Other Notable Changes {#sec-release-21.11-notable-changes}
|
||||
|
||||
|
|
|
@ -51,8 +51,6 @@ in
|
|||
hardware.openrazer = {
|
||||
enable = mkEnableOption ''
|
||||
OpenRazer drivers and userspace daemon.
|
||||
Any users that wish to make use of the daemon need to be
|
||||
members of the "openrazer" group.
|
||||
'';
|
||||
|
||||
verboseLogging = mkOption {
|
||||
|
@ -96,6 +94,15 @@ in
|
|||
generate a heatmap.
|
||||
'';
|
||||
};
|
||||
|
||||
users = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [];
|
||||
description = ''
|
||||
Usernames to be added to the "openrazer" group, so that they
|
||||
can start and interact with the OpenRazer userspace daemon.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -113,7 +120,9 @@ in
|
|||
# A user must be a member of the openrazer group in order to start
|
||||
# the openrazer-daemon. Therefore we make sure that the group
|
||||
# exists.
|
||||
users.groups.openrazer = {};
|
||||
users.groups.openrazer = {
|
||||
members = cfg.users;
|
||||
};
|
||||
|
||||
systemd.user.services.openrazer-daemon = {
|
||||
description = "Daemon to manage razer devices in userspace";
|
||||
|
|
Loading…
Reference in a new issue