diff --git a/hosts/common/programs/networkmanager.nix b/hosts/common/programs/networkmanager.nix index a7d74a4e..11c418c8 100644 --- a/hosts/common/programs/networkmanager.nix +++ b/hosts/common/programs/networkmanager.nix @@ -13,10 +13,10 @@ in { sane.programs.networkmanager = { packageUnwrapped = pkgs.networkmanager.overrideAttrs (upstream: { - postPatch = (upstream.postPatch or "") + '' - substituteInPlace src/{core/org.freedesktop.NetworkManager,nm-dispatcher/nm-dispatcher}.conf --replace-fail \ - 'user="root"' 'user="networkmanager"' - ''; + # postPatch = (upstream.postPatch or "") + '' + # substituteInPlace src/{core/org.freedesktop.NetworkManager,nm-dispatcher/nm-dispatcher}.conf --replace-fail \ + # 'user="root"' 'user="networkmanager"' + # ''; # remove unused services to prevent any unexpected interactions postFixup = (upstream.postFixup or "") + '' rm $out/etc/systemd/system/{nm-cloud-setup.service,nm-cloud-setup.timer,nm-priv-helper.service} @@ -66,8 +66,8 @@ in path = [ "/run/current-system/sw" ]; #< so it can find `sanebox` serviceConfig.RuntimeDirectory = "NetworkManager"; #< tells systemd to create /run/NetworkManager serviceConfig.StateDirectory = "NetworkManager"; #< tells systemd to create /var/lib/NetworkManager - serviceConfig.User = "networkmanager"; - serviceConfig.Group = "networkmanager"; + # serviceConfig.User = "networkmanager"; + # serviceConfig.Group = "networkmanager"; serviceConfig.AmbientCapabilities = [ # "CAP_DAC_OVERRIDE" "CAP_NET_ADMIN" @@ -82,8 +82,8 @@ in systemd.services.NetworkManager-wait-online = { path = [ "/run/current-system/sw" ]; #< so `nm-online` can find `sanebox` wantedBy = [ "network-online.target" ]; - serviceConfig.User = "networkmanager"; - serviceConfig.Group = "networkmanager"; + # serviceConfig.User = "networkmanager"; + # serviceConfig.Group = "networkmanager"; }; systemd.services.NetworkManager-dispatcher = { @@ -97,8 +97,8 @@ in ]; serviceConfig.Restart = "always"; serviceConfig.RestartSec = "1s"; - serviceConfig.User = "networkmanager"; - serviceConfig.Group = "networkmanager"; + # serviceConfig.User = "networkmanager"; + # serviceConfig.Group = "networkmanager"; }; environment.etc = { diff --git a/hosts/common/programs/wpa_supplicant.nix b/hosts/common/programs/wpa_supplicant.nix index c448405d..4af48d31 100644 --- a/hosts/common/programs/wpa_supplicant.nix +++ b/hosts/common/programs/wpa_supplicant.nix @@ -7,10 +7,10 @@ in { sane.programs.wpa_supplicant = { packageUnwrapped = pkgs.wpa_supplicant.overrideAttrs (upstream: { - postPatch = (upstream.postPatch or "") + '' - substituteInPlace wpa_supplicant/dbus/dbus-wpa_supplicant.conf --replace-fail \ - 'user="root"' 'user="networkmanager"' - ''; + # postPatch = (upstream.postPatch or "") + '' + # substituteInPlace wpa_supplicant/dbus/dbus-wpa_supplicant.conf --replace-fail \ + # 'user="root"' 'user="networkmanager"' + # ''; # nixpkgs wpa_supplicant generates a dbus file which has a path like # /nix/store/abc-wpa_supplicant/nix/store/abc-wpa_supplicant/sbin/... # upstreaming status: @@ -43,8 +43,8 @@ in systemd.packages = [ cfg.package ]; #< needs to be on systemd.packages so we get its service file systemd.services.wpa_supplicant = { path = [ "/run/current-system/sw" ]; #< so it can find `sanebox` - serviceConfig.User = "networkmanager"; - serviceConfig.Group = "networkmanager"; + # serviceConfig.User = "networkmanager"; + # serviceConfig.Group = "networkmanager"; serviceConfig.AmbientCapabilities = [ "CAP_NET_ADMIN" "CAP_NET_RAW"