Disallow user group read access to mounted network shares

rake5k · Sep 25, 2023 · 0171213 · 0171213
1 parent 768f1b2
commit 0171213
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/nixos/base/users/christian.nix b/nixos/base/users/christian.nix
@@ -22,7 +22,7 @@ in
       fsType = "cifs";
       credentials = config.age.secrets."${secretSmb}".path;
       automount_opts = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=60" "x-systemd.device-timeout=5s" "x-systemd.mount-timeout=5s" ];
-      auth_opts = [ "uid=1000" "gid=100" "credentials=${credentials}" ];
+      auth_opts = [ "uid=1000" "gid=0" "credentials=${credentials}" ];
       options = automount_opts ++ auth_opts;
     in
     {