The `iotop` program can't be started by an unprivileged user because of missing root privileges. The issue can be fixed by creating a setcap wrapper for `iotop` which contains `cap_net_admin`.wip/yesman
parent
bb962eb2a2
commit
7490e96e38
@ -0,0 +1,18 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.programs.iotop; |
||||
in { |
||||
options = { |
||||
programs.iotop.enable = mkEnableOption "iotop + setcap wrapper"; |
||||
}; |
||||
config = mkIf cfg.enable { |
||||
environment.systemPackages = [ pkgs.iotop ]; |
||||
security.wrappers.iotop = { |
||||
source = "${pkgs.iotop}/bin/iotop"; |
||||
capabilities = "cap_net_admin+p"; |
||||
}; |
||||
}; |
||||
} |
Loading…
Reference in new issue