···

       
838
       
838
       
 
       
    # error that we’re trying to avoid can’t possibly happen if polkit isn’t enabled. When polkit isn’t

     

       
839
       
839
       
 
       
    # enabled, run0 will fail before it even tries to run the command.

     

       
840
       
840
       
 
       
    security.pam.services = mkIf config.security.polkit.enable {

     

       
841
       
841
       
-
       
      systemd-run0 = { };

     

       
841
       
841
       
+
       
      systemd-run0 = {

     

       
842
       
842
       
+
       
        # Upstream config: https://github.com/systemd/systemd/blob/main/src/run/systemd-run0.in

     

       
843
       
843
       
+
       
        setLoginUid = true;

     

       
844
       
844
       
+
       
        pamMount = false;

     

       
845
       
845
       
+
       
      };

     

       
842
       
846
       
 
       
    };

     

       
843
       
847
       
 
       
  };

     

       
844
       
848