Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 2 commits
- 3 files changed
- 1 contributor
Commits on Mar 28, 2019
-
nixos/ldap: rename password file options properly
users.ldap.daemon.rootpwmodpw -> users.ldap.daemon.rootpwmodpwFile users.ldap.bind.password -> users.ldap.bind.passwordFile as users.ldap.daemon.rootpwmodpw never was part of a release, no mkRenamedOptionModule is introduced. (cherry picked from commit 0a1451a)
-
nixos/ldap: set proper User= and Group= for nslcd service
eb90d97 broke nslcd, as /run/nslcd was created/chowned as root user, while nslcd wants to do parts as nslcd user. This commit changes the nslcd to run with the proper uid/gid from the start (through User= and Group=), so the RuntimeDirectory has proper permissions, too. In some cases, secrets are baked into nslcd's config file during startup (so we don't want to provide it from the store). This config file is normally hard-wired to /etc/nslcd.conf, but we don't want to use PermissionsStartOnly anymore (#56265), and activation scripts are ugly, so redirect /etc/nslcd.conf to /run/nslcd/nslcd.conf, which now gets provisioned inside ExecStartPre=. This change requires the files referenced to in users.ldap.bind.passwordFile and users.ldap.daemon.rootpwmodpwFile to be readable by the nslcd user (in the non-nslcd case, this was already the case for users.ldap.bind.passwordFile) fixes #57783 (cherry picked from commit 8817bbe)
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff 8706f441e4c9...8ae24edf5b47