diff options
| author | Joachim Fasting <joachifm@fastmail.fm> | 2015-03-28 22:47:01 +0100 |
|---|---|---|
| committer | Joachim Fasting <joachifm@fastmail.fm> | 2015-03-29 00:42:58 +0100 |
| commit | 5cb2cee954342d9ddd67a82e3226f5d1a3207ce6 (patch) | |
| tree | 5643313ecc3bb7dd48597b1fc1d4b1fca891834a /nixos/modules/config/sysctl.nix | |
| parent | a00e19ceb96ed8ae2910b009c1ed79dff7167517 (diff) | |
| download | nixlib-5cb2cee954342d9ddd67a82e3226f5d1a3207ce6.tar nixlib-5cb2cee954342d9ddd67a82e3226f5d1a3207ce6.tar.gz nixlib-5cb2cee954342d9ddd67a82e3226f5d1a3207ce6.tar.bz2 nixlib-5cb2cee954342d9ddd67a82e3226f5d1a3207ce6.tar.lz nixlib-5cb2cee954342d9ddd67a82e3226f5d1a3207ce6.tar.xz nixlib-5cb2cee954342d9ddd67a82e3226f5d1a3207ce6.tar.zst nixlib-5cb2cee954342d9ddd67a82e3226f5d1a3207ce6.zip | |
nixos: condition sysctl.kptr_restrict on features.grsecurity
Conditioning `sysctl.kptr_restrict` on `features.grsecurity` supports any grsecurity enabled kernel without having to enable the grsecurity module.
Diffstat (limited to 'nixos/modules/config/sysctl.nix')
| -rw-r--r-- | nixos/modules/config/sysctl.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/config/sysctl.nix b/nixos/modules/config/sysctl.nix index 3b6ccd380c75..e83562a8356e 100644 --- a/nixos/modules/config/sysctl.nix +++ b/nixos/modules/config/sysctl.nix @@ -64,6 +64,6 @@ in # # Removed under grsecurity. boot.kernel.sysctl."kernel.kptr_restrict" = - if config.security.grsecurity.enable then null else 1; + if (config.boot.kernelPackages.kernel.features.grsecurity or false) then null else 1; }; } |