pyrox.dev / nixpkgs
lol
fork atom

nixos/usbguard: ensure the audit log file can be created

Since version 0.7.3, usbguard-daemon won't start if the file cannot be opened.

Nadrieril 9b9ba840 08148a74

options
unified split
Changed files
+4 -1
nixos
modules
services
security
usbguard.nix
+4 -1
nixos/modules/services/security/usbguard.nix 
···

       
188

       
188

       
 

       
      wants = [ "systemd-udevd.service" "local-fs.target" ];


     

       
189

       
189

       
 

       



     

       
190

       
190

       
 

       
      # make sure an empty rule file and required directories exist


     

       
191

       

       
-

       
      preStart = ''mkdir -p $(dirname "${cfg.ruleFile}") "${cfg.IPCAccessControlFiles}" && ([ -f "${cfg.ruleFile}" ] || touch ${cfg.ruleFile})'';


     

       

       
191

       
+

       
      preStart = ''


     

       

       
192

       
+

       
        mkdir -p $(dirname "${cfg.ruleFile}") $(dirname "${cfg.auditFilePath}") "${cfg.IPCAccessControlFiles}" \


     

       

       
193

       
+

       
          && ([ -f "${cfg.ruleFile}" ] || touch ${cfg.ruleFile})


     

       

       
194

       
+

       
      '';


     

       
192

       
195

       
 

       



     

       
193

       
196

       
 

       
      serviceConfig = {


     

       
194

       
197

       
 

       
        Type = "simple";