# NixOS module: optional setuid-root wrappers for the two eCryptfs
# private-mount helpers shipped in pkgs.ecryptfs.
{ config, lib, pkgs, ... }:

let
  inherit (lib) genAttrs getBin mdDoc mkEnableOption mkIf;

  cfg = config.programs.ecryptfs;

  # Directory inside the ecryptfs package that holds the unwrapped helpers.
  helperDir = "${getBin pkgs.ecryptfs}/bin";

  # Wrapper definition shared by both helpers: setuid, owned by root:root,
  # with the binary of the same name from the ecryptfs package as source.
  # NOTE(review): both helpers therefore run with root's effective uid. No
  # `permissions` value is set here, so who may execute them is left to the
  # security.wrappers defaults -- confirm that matches the intended exposure.
  setuidRootWrapper = name: {
    setuid = true;
    owner = "root";
    group = "root";
    source = "${helperDir}/${name}";
  };

in
{
  options.programs.ecryptfs.enable =
    mkEnableOption (mdDoc "ecryptfs setuid mount wrappers");

  # The wrappers are declared only when programs.ecryptfs.enable is set,
  # so a host that does not opt in gains no additional setuid binaries
  # from this module.
  config = mkIf cfg.enable {
    security.wrappers = genAttrs [
      "mount.ecryptfs_private"
      "umount.ecryptfs_private"
    ] setuidRootWrapper;
  };
}