dkwo
dkwo
Hmm, it does not look at all like what I had in mind.
The whole thing should be _agnostic_ of what `key_command` is: it can be a system binary, a user-provided script, but not something installed during zulip setup process. The only assumption...
Makes sense. You could even have by default (mimick current behavior) passcmd=cat zulip_key instead of XXX, and suggest the user edits accordingly.
It works as expected on my system, leaving as draft for now to receive more comments/feedback.
Sure, I can do that in a few days.
Updated to 4.18 and tested.
Refs: https://github.com/NixOS/nixpkgs/pull/305722 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031375 Would `chown -R _wpas:_wpas /etc/wpa_supplicant/*` be better? if so, I can test it. The reason is that there can be other files there, such as a...
Indeed, this seems to be enough: ``` $ ls -la /etc/wpa_supplicant total 20 drwxr-xr-x 2 root root 4096 Jun 14 19:38 . drwxr-xr-x 60 root root 4096 Jun 14 19:46...
After some trial and error, I found out that I can even lockdown the file system, giving it only access to ``` --landlock-access fs \ --landlock-rule path-beneath:read-file:/proc/sys/net \ --landlock-rule path-beneath:read-file:/dev/urandom...
How exactly can I reproduce this? With `unified` setup, I can run e.g. Ubuntu containers (without the mkdir/mount thing that was also in lxd runit service) ``` $ incus launch...