BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

nixos/security: add size option to /run/wrappers

Browse source
This commit is contained in:
Justin Restivo 2022-07-31 19:02:42 -04:00
parent 5857574d45
commit 82640adbf0
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
nixos/modules/security/wrappers/default.nix
View file

@ -188,6 +188,16 @@ in
'';
};
security.wrapperDirSize = lib.mkOption {
default = "50%";
example = "10G";
type = lib.types.str;
description = ''
Size limit for the /run/wrappers tmpfs. Look at mount(8), tmpfs size option,
for the accepted syntax. WARNING: don't set to less than 64MB.
'';
};
security.wrapperDir = lib.mkOption {
type = lib.types.path;
default = "/run/wrappers/bin";
@ -230,7 +240,7 @@ in
boot.specialFileSystems.${parentWrapperDir} = {
fsType = "tmpfs";
options = [ "nodev" "mode=755" ];
options = [ "nodev" "mode=755" "size=${config.security.wrapperDirSize}" ];
};
# Make sure our wrapperDir exports to the PATH env variable when