nixos/ebusd: fix device access (NixOS#352743)

Author: FliegendeWurst

nixos/modules/services/home-automation/ebusd.nix

@@ -155,7 +155,11 @@ in
 
   config =
     let
-      usesDev = lib.hasPrefix "/" cfg.device;
+      usesDev = lib.any (prefix: lib.hasPrefix prefix cfg.device) [
+        "/"
+        "ens:/"
+        "enh:/"
+      ];
     in
     lib.mkIf cfg.enable {
       systemd.services.ebusd = {
@@ -200,12 +204,14 @@ in
 
           # Hardening
           CapabilityBoundingSet = "";
-          DeviceAllow = lib.optionals usesDev [ cfg.device ];
+          DeviceAllow = lib.optionals usesDev [
+            (lib.removePrefix "ens:" (lib.removePrefix "enh:" cfg.device))
+          ];
           DevicePolicy = "closed";
           LockPersonality = true;
           MemoryDenyWriteExecute = false;
           NoNewPrivileges = true;
-          PrivateDevices = usesDev;
+          PrivateDevices = !usesDev;
           PrivateUsers = true;
           PrivateTmp = true;
           ProtectClock = true;