nixos/modules/programs/ecryptfs.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / programs / ecryptfs.nix

at master 642 B view raw

 1{
 2  config,
 3  lib,
 4  pkgs,
 5  ...
 6}:
 7
 8let
 9  cfg = config.programs.ecryptfs;
10
11in
12{
13  options.programs.ecryptfs = {
14    enable = lib.mkEnableOption "ecryptfs setuid mount wrappers";
15  };
16
17  config = lib.mkIf cfg.enable {
18    security.wrappers = {
19
20      "mount.ecryptfs_private" = {
21        setuid = true;
22        owner = "root";
23        group = "root";
24        source = "${lib.getBin pkgs.ecryptfs}/bin/mount.ecryptfs_private";
25      };
26      "umount.ecryptfs_private" = {
27        setuid = true;
28        owner = "root";
29        group = "root";
30        source = "${lib.getBin pkgs.ecryptfs}/bin/umount.ecryptfs_private";
31      };
32
33    };
34  };
35}