nixos/pulseaudio: set permission of pulse home directory

Closes #114399
author: lgoette <git@lasse-goette.de> 2023-11-30 01:59:15 +0100
committer: Emily Trau <emily@downunderctf.com> 2023-12-01 15:47:22 +1100
commit: d14a788127e6587425bc61ff7aa81560ec67a81f (patch)
tree: e8bd0fa93ca3384e0025c3c908193a541571ca6d
parent: ecb3fe49f69e80ff609f7bc8d4f39a70aa6ad9fe (diff)
2 files changed, 3 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md
index 6c697b580838..f25999f607d9 100644
--- a/nixos/doc/manual/release-notes/rl-2405.section.md
+++ b/nixos/doc/manual/release-notes/rl-2405.section.md
@@ -35,3 +35,5 @@ In addition to numerous new and upgraded packages, this release has the followin
   non-child processes. This means you will not be able to attach gdb to an
   existing process, but will need to start that process from gdb (so it is a
   child). Or you can set `boot.kernel.sysctl."kernel.yama.ptrace_scope"` to 0.
+
+- The `hardware.pulseaudio` module now sets permission of pulse user home directory to 755 when running in "systemWide" mode. It fixes [issue 114399](https://github.com/NixOS/nixpkgs/issues/114399).
diff --git a/nixos/modules/config/pulseaudio.nix b/nixos/modules/config/pulseaudio.nix
index 80ff6c1aabf7..b10edeb75604 100644
--- a/nixos/modules/config/pulseaudio.nix
+++ b/nixos/modules/config/pulseaudio.nix
@@ -305,6 +305,7 @@ in {
         extraGroups = [ "audio" ];
         description = "PulseAudio system service user";
         home = stateDir;
+        homeMode = "755";
         createHome = true;
         isSystemUser = true;
       };
author	lgoette <git@lasse-goette.de>	2023-11-30 01:59:15 +0100
committer	Emily Trau <emily@downunderctf.com>	2023-12-01 15:47:22 +1100
commit	d14a788127e6587425bc61ff7aa81560ec67a81f (patch)
tree	e8bd0fa93ca3384e0025c3c908193a541571ca6d
parent	ecb3fe49f69e80ff609f7bc8d4f39a70aa6ad9fe (diff)