pyrox.dev / nixpkgs
lol
fork atom

nixos/wyoming-piper: allow w+x for onnxruntime (#402111)

Before this change, running piper would fail with

> cannot enable executable stack as shared object requires

because the stack is marked rwx on newer libonnxruntime versions.

Robbert Gurdeep Singh 06a3db75 8536c4ab

options
unified split
Changed files
+1 -1
nixos
modules
services
home-automation
wyoming
piper.nix
+1 -1
nixos/modules/services/home-automation/wyoming/piper.nix 
···

       
164

       
164

       
 

       
            DeviceAllow = "";


     

       
165

       
165

       
 

       
            DevicePolicy = "closed";


     

       
166

       
166

       
 

       
            LockPersonality = true;


     

       
167

       

       
-

       
            MemoryDenyWriteExecute = true;


     

       

       
167

       
+

       
            MemoryDenyWriteExecute = false; # required for onnxruntime


     

       
168

       
168

       
 

       
            PrivateDevices = true;


     

       
169

       
169

       
 

       
            PrivateUsers = true;


     

       
170

       
170

       
 

       
            ProtectHome = true;