diff options
| author | Joachim Fasting <joachifm@fastmail.fm> | 2016-08-15 20:01:12 +0200 |
|---|---|---|
| committer | Joachim Fasting <joachifm@fastmail.fm> | 2016-08-15 20:36:47 +0200 |
| commit | 050b7eec1688c2c4cd3391aa673bed9398d3bf9f (patch) | |
| tree | f05ab944e32cb3a46e4d81e1ce507fcaa59cdefc | |
| parent | 7fd99066c44c72c1b78d3bf6626bfffa96162902 (diff) | |
| download | nixlib-050b7eec1688c2c4cd3391aa673bed9398d3bf9f.tar nixlib-050b7eec1688c2c4cd3391aa673bed9398d3bf9f.tar.gz nixlib-050b7eec1688c2c4cd3391aa673bed9398d3bf9f.tar.bz2 nixlib-050b7eec1688c2c4cd3391aa673bed9398d3bf9f.tar.lz nixlib-050b7eec1688c2c4cd3391aa673bed9398d3bf9f.tar.xz nixlib-050b7eec1688c2c4cd3391aa673bed9398d3bf9f.tar.zst nixlib-050b7eec1688c2c4cd3391aa673bed9398d3bf9f.zip | |
grsecurity module: systemd-nspawn requires cap_sys_admin
As with 9ca3504a798291fbd7c49fcfeec8b64daa2022ad Closes https://github.com/NixOS/nixpkgs/issues/17714
| -rw-r--r-- | nixos/modules/security/grsecurity.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/nixos/modules/security/grsecurity.nix b/nixos/modules/security/grsecurity.nix index 5eb88917dd56..9a2f62a14889 100644 --- a/nixos/modules/security/grsecurity.nix +++ b/nixos/modules/security/grsecurity.nix @@ -125,6 +125,7 @@ in "kernel.grsecurity.chroot_deny_chmod" = mkForce 0; "kernel.grsecurity.chroot_deny_mount" = mkForce 0; "kernel.grsecurity.chroot_restrict_nice" = mkForce 0; + "kernel.grsecurity.chroot_caps" = mkForce 0; }; assertions = [ |