{uptimed,nixos/uptimed}: switch to /var/lib/ and fix perms
This commit is contained in:
parent
ecc968543c
commit
bd8eeec9c0
@ -596,6 +596,14 @@
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>services.uptimed</literal> now uses
|
||||
<literal>/var/lib/uptimed</literal> as its stateDirectory
|
||||
instead of <literal>/var/spool/uptimed</literal>. Make sure to
|
||||
move all files to the new directory.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="sec-release-21.11-notable-changes">
|
||||
|
@ -151,6 +151,8 @@ pt-services.clipcat.enable).
|
||||
- `CoenraadS.bracket-pair-colorizer` -> `coenraads.bracket-pair-colorizer`
|
||||
- `golang.Go` -> `golang.go`
|
||||
|
||||
- `services.uptimed` now uses `/var/lib/uptimed` as its stateDirectory instead of `/var/spool/uptimed`. Make sure to move all files to the new directory.
|
||||
|
||||
## Other Notable Changes {#sec-release-21.11-notable-changes}
|
||||
|
||||
- The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets.
|
||||
|
@ -4,7 +4,7 @@ with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.uptimed;
|
||||
stateDir = "/var/spool/uptimed";
|
||||
stateDir = "/var/lib/uptimed";
|
||||
in
|
||||
{
|
||||
options = {
|
||||
@ -21,12 +21,16 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.uptimed ];
|
||||
|
||||
users.users.uptimed = {
|
||||
description = "Uptimed daemon user";
|
||||
home = stateDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.uptimed;
|
||||
group = "uptimed";
|
||||
};
|
||||
users.groups.uptimed = {};
|
||||
|
||||
systemd.services.uptimed = {
|
||||
unitConfig.Documentation = "man:uptimed(8) man:uprecords(1)";
|
||||
@ -41,7 +45,7 @@ in
|
||||
PrivateTmp = "yes";
|
||||
PrivateNetwork = "yes";
|
||||
NoNewPrivileges = "yes";
|
||||
ReadWriteDirectories = stateDir;
|
||||
StateDirectory = [ "uptimed" ];
|
||||
InaccessibleDirectories = "/home";
|
||||
ExecStart = "${pkgs.uptimed}/sbin/uptimed -f -p ${stateDir}/pid";
|
||||
};
|
||||
|
@ -14,6 +14,11 @@ stdenv.mkDerivation rec {
|
||||
nativeBuildInputs = [ autoreconfHook ];
|
||||
patches = [ ./no-var-spool-install.patch ];
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace libuptimed/urec.h \
|
||||
--replace /var/spool /var/lib
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Uptime record daemon";
|
||||
longDescription = ''
|
||||
|
Loading…
Reference in New Issue
Block a user