pyrox.dev
security-wrapper: link old wrapper dir to new one
This makes setuid wrappers not fail after upgrading.
references #23641, #22914, #19862, #16654
+12
-2
nixos/modules/security/wrappers/default.nix
+12
-2
nixos/modules/security/wrappers/default.nix
···
179
179
180
180
# Remove the old /var/setuid-wrappers path from the system...
181
181
#
182
-
# TODO: this is only necessary for ugprades 16.09 => 17.x;
182
+
# TODO: this is only necessary for upgrades 16.09 => 17.x;
183
183
# this conditional removal block needs to be removed after
184
184
# the release.
185
185
if [ -d /var/setuid-wrappers ]; then
186
186
rm -rf /var/setuid-wrappers
187
+
ln -s /run/wrappers/bin /var/setuid-wrappers
187
188
fi
188
189
189
190
# Remove the old /run/setuid-wrappers-dir path from the
190
191
# system as well...
191
192
#
192
-
# TODO: this is only necessary for ugprades 16.09 => 17.x;
193
+
# TODO: this is only necessary for upgrades 16.09 => 17.x;
193
194
# this conditional removal block needs to be removed after
194
195
# the release.
195
196
if [ -d /run/setuid-wrapper-dirs ]; then
196
197
rm -rf /run/setuid-wrapper-dirs
198
+
ln -s /run/wrappers/bin /run/setuid-wrapper-dirs
199
+
fi
200
+
201
+
# TODO: this is only necessary for upgrades 16.09 => 17.x;
202
+
# this conditional removal block needs to be removed after
203
+
# the release.
204
+
if readlink -f /run/booted-system | grep nixos-17 > /dev/null; then
205
+
rm -rf /run/setuid-wrapper-dirs
206
+
rm -rf /var/setuid-wrappers
197
207
fi
198
208
199
209
# We want to place the tmpdirs for the wrappers to the parent dir.