From ad79c387648cf78569f5b6cdce31a0264db1b3f7 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Fri, 9 Oct 2020 00:01:21 +0200 Subject: [PATCH 1/3] graylog update reverse update table --- configs/workhorse/graylog.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/configs/workhorse/graylog.nix b/configs/workhorse/graylog.nix index f2c87c0..dda1de4 100644 --- a/configs/workhorse/graylog.nix +++ b/configs/workhorse/graylog.nix @@ -119,6 +119,7 @@ in { "2","cirtical","Critical conditions" "3","error","Error Condition" "4","warning","May indicate that an error will occur if action is not taken." + "4","warn","May indicate that an error will occur if action is not taken." "5","notice","Events that are unusual, but not error conditions." "6","info","Normal operational messages that require no action." "7","debug","Information useful to developers for debugging the application." From 9e2fd423bd690a538b6c2748bc45000b841406e6 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Mon, 12 Oct 2020 22:46:55 +0200 Subject: [PATCH 2/3] browser configure sudo --- modules/programs/browser.nix | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/modules/programs/browser.nix b/modules/programs/browser.nix index 181226c..910d7a5 100644 --- a/modules/programs/browser.nix +++ b/modules/programs/browser.nix @@ -203,9 +203,15 @@ in { # add sudo rights security.sudo.extraConfig = let extraRules = flip mapAttrsToList cfg.configList (name: values: - concatStringsSep "\n" - (map (sudoUser: "${sudoUser} ALL=(${values.user}) NOPASSWD: ALL") - values.sudoUsers)); + concatStringsSep "" (map (sudoUser: '' + # sudo configuration to control browser + ${sudoUser} ALL=(${values.user}) NOPASSWD: ALL + ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/mkdir -p ${values.home} + ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/chown -R ${values.user}\:users ${values.home} + ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/killall -9 -u ${name} + ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -rf ${values.home} + ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm ${values.home}-lock + '') values.sudoUsers)); in lib.concatStringsSep "\n" extraRules; # create users From 269b48b6d6e9fcae3ca87c6324b820a5024de837 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Mon, 12 Oct 2020 23:05:15 +0200 Subject: [PATCH 3/3] browser: add kill commands --- modules/programs/browser.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/modules/programs/browser.nix b/modules/programs/browser.nix index 910d7a5..d9c6fd7 100644 --- a/modules/programs/browser.nix +++ b/modules/programs/browser.nix @@ -37,6 +37,9 @@ let ''; }; + killBrowser = name: + pkgs.writeShellScriptBin "${name}-kill" "sudo killall -9 -u ${name}"; + cleanBrowser = name: browser: home: homeBackup: let backupFile = "${homeBackup}.tar.lzma"; @@ -45,7 +48,7 @@ let in pkgs.writeShellScriptBin "${name}-clean" # sh '' sudo killall -9 -u ${name} - sudo rm ${lockFile} + sudo rm -f ${lockFile} sudo rm -rf ${home} ''; @@ -129,6 +132,8 @@ let cleanBrowser name name browserConfig.home browserConfig.homeBackup) filteredConfigs; + allKillScripts = mapAttrsToList (name: _: killBrowser name) cfg.configList; + # browser chooser # --------------- browserSelect = pkgs.writeScriptBin "browser-select" '' @@ -210,7 +215,7 @@ in { ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/chown -R ${values.user}\:users ${values.home} ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/killall -9 -u ${name} ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -rf ${values.home} - ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm ${values.home}-lock + ${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -f ${values.home}-lock '') values.sudoUsers)); in lib.concatStringsSep "\n" extraRules; @@ -232,7 +237,7 @@ in { environment.systemPackages = [ browserSelect (desktopFile browserSelect) ] ++ browserExecutableList ++ (map (bin: desktopFile bin) browserExecutableList) ++ allBackupScripts - ++ allCleanScripts; + ++ allCleanScripts ++ allKillScripts; }; }