diff options
author | Tuomas Tynkkynen <tuomas@tuxera.com> | 2018-02-28 01:08:32 +0200 |
---|---|---|
committer | Tuomas Tynkkynen <tuomas@tuxera.com> | 2018-02-28 01:12:54 +0200 |
commit | 822526f09e91f65081bc780803f23cc0997ff4ab (patch) | |
tree | 7ecfcedd8e46b6b634f39213d73d8d817e366abe | |
parent | ede1b6f0dff899ca797c4a308c0594d553cdfb87 (diff) | |
download | nixlib-822526f09e91f65081bc780803f23cc0997ff4ab.tar nixlib-822526f09e91f65081bc780803f23cc0997ff4ab.tar.gz nixlib-822526f09e91f65081bc780803f23cc0997ff4ab.tar.bz2 nixlib-822526f09e91f65081bc780803f23cc0997ff4ab.tar.lz nixlib-822526f09e91f65081bc780803f23cc0997ff4ab.tar.xz nixlib-822526f09e91f65081bc780803f23cc0997ff4ab.tar.zst nixlib-822526f09e91f65081bc780803f23cc0997ff4ab.zip |
kernel config: Enable CGROUP_BPF
Avoids the following warning: File /.../systemd-journald.service:35 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling. Proceeding WITHOUT firewalling in effect! (This warning is only shown for the first loaded unit using IP firewalling.)
-rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 2fa343412019..5fbd9955c2a3 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -134,6 +134,7 @@ with stdenv.lib; ''} NETFILTER y NETFILTER_ADVANCED y + CGROUP_BPF? y # Required by systemd per-cgroup firewalling IP_ROUTE_VERBOSE y IP_MROUTE_MULTIPLE_TABLES y IP_VS_PROTO_TCP y |