amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

etc: systemd services: Run ‘guix-daemon’ as an unprivileged user.

Browse source 
* etc/guix-daemon.service.in (ExecStart): Remove ‘--build-users-group’.
(Environment): Add ‘GUIX_STATE_DIRECTORY’.
(Before, User, AmbientCapabilities, PrivateMounts, BindPaths): New fields.
* etc/gnu-store.mount.in (Before): Remove.
(WantedBy): Change to ‘multi-user.target’.

Change-Id: Id826b8ab535844b6024d777f6bd15fd49db6d65e
This commit is contained in:
Ludovic Courtès 2025-01-23 09:47:22 +01:00
parent 2f65438eba
commit 107eb8ee8f
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
2 changed files with 21 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

3
etc/gnu-store.mount.in
View file

@ -2,10 +2,9 @@
Description=Read-only @storedir@ for GNU Guix
DefaultDependencies=no
ConditionPathExists=@storedir@
Before=guix-daemon.service
[Install]
WantedBy=guix-daemon.service
WantedBy=multi-user.target
[Mount]
What=@storedir@