nixos/cryptpad: fix service with nodejs 22.11 (for real)

The previous fix had only been tested locally through a runtime edit of
the service, and the order in which @chown had been re-added was
different so commit cf498c1a61b3 ("nixos/cryptpad: fix service with
nodejs 22.11") did not actually fix the issue.

This properly orders @chown after @privileged so the rule is respected,
and also properly denies with EPERM instead of allowing the chown family
of syscalls: this will properly prevent seccomp from killing nodejs
while still disallowing fchown()

Fixes https://github.com/NixOS/nixpkgs/issues/370717

0 files changed, 0 insertions, 0 deletions