BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #184368 from DieracDelta/jr/wrappers-run-size-option

Browse source 
nixos/security: add size option to /run/wrappers
This commit is contained in:
Robert Hensing 2022-08-14 19:13:17 +02:00 committed by GitHub
commit d00583540b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
nixos/modules/security/wrappers/default.nix
View file

@ -185,6 +185,16 @@ in
'';
};
security.wrapperDirSize = lib.mkOption {
default = "50%";
example = "10G";
type = lib.types.str;
description = ''
Size limit for the /run/wrappers tmpfs. Look at mount(8), tmpfs size option,
for the accepted syntax. WARNING: don't set to less than 64MB.
'';
};
security.wrapperDir = lib.mkOption {
type = lib.types.path;
default = "/run/wrappers/bin";
@ -227,7 +237,7 @@ in
boot.specialFileSystems.${parentWrapperDir} = {
fsType = "tmpfs";
options = [ "nodev" "mode=755" ];
options = [ "nodev" "mode=755" "size=${config.security.wrapperDirSize}" ];
};
# Make sure our wrapperDir exports to the PATH env variable when