26 lines
442 B
Nix
26 lines
442 B
Nix
{
|
|
config,
|
|
lib,
|
|
mylib,
|
|
...
|
|
}:
|
|
{
|
|
services.nscd = {
|
|
enable = true;
|
|
enableNsncd = true;
|
|
};
|
|
|
|
systemd.services.nscd.serviceConfig = mylib.misc.serviceHardened // {
|
|
RuntimeDirectory = lib.mkForce "";
|
|
ProtectHome = lib.mkForce true;
|
|
};
|
|
|
|
systemd.tmpfiles.settings."20-nscd" = {
|
|
"/run/nscd".d = {
|
|
mode = "0755";
|
|
user = config.services.nscd.user;
|
|
group = config.services.nscd.group;
|
|
};
|
|
};
|
|
}
|