diff options
author | Bernardo Meurer <bernardo@meurer.org> | 2022-10-10 11:45:40 -0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-10 11:45:40 -0300 |
commit | ed22079db4e8ebfcabfa63d1e2c32a8dd96db857 (patch) | |
tree | 09d5af1798103753f52d5495000ce3f776d115de | |
parent | 50c7c4cc34c0eab26e0da9bfef88feecd59f5b20 (diff) | |
parent | 6ed7e545ecfa1db9c6e5f93571a93e7848c449cf (diff) |
Merge pull request #195141 from zhaofengli/vbox-headless-wrappers
-rw-r--r-- | nixos/modules/virtualisation/virtualbox-host.nix | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/nixos/modules/virtualisation/virtualbox-host.nix b/nixos/modules/virtualisation/virtualbox-host.nix index 5a2ec4939d99..b1565a09682a 100644 --- a/nixos/modules/virtualisation/virtualbox-host.nix +++ b/nixos/modules/virtualisation/virtualbox-host.nix @@ -104,16 +104,18 @@ in group = "vboxusers"; setuid = true; }; + executables = [ + "VBoxHeadless" + "VBoxNetAdpCtl" + "VBoxNetDHCP" + "VBoxNetNAT" + "VBoxVolInfo" + ] ++ (lib.optionals (!cfg.headless) [ + "VBoxSDL" + "VirtualBoxVM" + ]); in mkIf cfg.enableHardening - (builtins.listToAttrs (map (x: { name = x; value = mkSuid x; }) [ - "VBoxHeadless" - "VBoxNetAdpCtl" - "VBoxNetDHCP" - "VBoxNetNAT" - "VBoxSDL" - "VBoxVolInfo" - "VirtualBoxVM" - ])); + (builtins.listToAttrs (map (x: { name = x; value = mkSuid x; }) executables)); users.groups.vboxusers.gid = config.ids.gids.vboxusers; |