From a0338afe5faa9f9e403e2caa52e4a8b60c272be9 Mon Sep 17 00:00:00 2001
From: Joachim Fasting <joachifm@fastmail.fm>
Date: Sun, 5 Feb 2017 04:42:16 +0100
Subject: cjdns service: allow writing keys to /etc

20e81f7c0d56e0b179115ca72a85b81ff637d909 prevented key generation in
`preStart`, leaving the service broken for the case where the user has
no pre-existing key.

Eventually, we ought to store the state elsewhere so that `/etc` can be
read-only but for now we fix this the easy way.
---
 nixos/modules/services/networking/cjdns.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'nixos/modules/services/networking/cjdns.nix')

diff --git a/nixos/modules/services/networking/cjdns.nix b/nixos/modules/services/networking/cjdns.nix
index a10851c16523..d478e45f9462 100644
--- a/nixos/modules/services/networking/cjdns.nix
+++ b/nixos/modules/services/networking/cjdns.nix
@@ -260,7 +260,7 @@ in
         RestartSec = 1;
         CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_RAW";
         AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_RAW";
-        ProtectSystem = "full";
+        ProtectSystem = true;
         MemoryDenyWriteExecute = true;
         ProtectHome = true;
         PrivateTmp = true;
-- 
cgit v1.2.3