services: Allow specifying user and group for knot resolver. - guix

diff options

author	W. Kosior <koszko@koszko.org>	2024-09-04 20:50:17 +0200
committer	W. Kosior <koszko@koszko.org>	2024-12-24 09:36:18 +0100
commit	36e5e3814c099ddac398f18817f4475a2f403a96 (patch)
tree	68907469f9b2ef7a164495bede9d4b2b15dc9607 /gnu/packages/lego.scm
parent	5a39a40160fb9b07b426feef17cf653d3b00819e (diff)
download	guix-36e5e3814c099ddac398f18817f4475a2f403a96.tar.gz guix-36e5e3814c099ddac398f18817f4475a2f403a96.zip

services: Allow specifying user and group for knot resolver.

Kresd used to start as root and create cache files with root ownership before dropping privileges. This made unprivileged kres-cache-gc (in a separate service) fail when trying to read them. The new default is to start both as `knot-resolver', with configuration fields that allow overriding this default. * gnu/services/dns.scm (<knot-resolver-configuration>)[user]: New field. (<knot-resolver-configuration>)[group]: New field. (knot-resolver-shepherd-services): Pass the user&group from config to forkexec constructors. Change-Id: Id06a8eca140fdca14995a03e910f521d5f4636e5

Diffstat (limited to 'gnu/packages/lego.scm')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: