diff options
| author | Ameya Shenoy <shenoy.ameya@gmail.com> | 2024-03-20 07:56:43 +0530 |
|---|---|---|
| committer | Ameya Shenoy <shenoy.ameya@gmail.com> | 2024-03-20 08:41:21 +0530 |
| commit | 99c0c32a49132c38cc67aa992408d82c3ceee3d1 (patch) | |
| tree | 95927ebf16d1bc6ed82c4cd8961dd8cc341a580f /nixos/modules/services/security/usbguard.nix | |
| parent | 8e9fa2ddcaf37c06572a52492bf0d70095142dfe (diff) | |
| download | nixlib-99c0c32a49132c38cc67aa992408d82c3ceee3d1.tar nixlib-99c0c32a49132c38cc67aa992408d82c3ceee3d1.tar.gz nixlib-99c0c32a49132c38cc67aa992408d82c3ceee3d1.tar.bz2 nixlib-99c0c32a49132c38cc67aa992408d82c3ceee3d1.tar.lz nixlib-99c0c32a49132c38cc67aa992408d82c3ceee3d1.tar.xz nixlib-99c0c32a49132c38cc67aa992408d82c3ceee3d1.tar.zst nixlib-99c0c32a49132c38cc67aa992408d82c3ceee3d1.zip | |
usbguard: fix policy enums
The available policies for `InsertedDevicePolicy` and `ImplicitPolicyTarget` differ from the defined policy enum. This change is to prevent users from configuring incorrect policies for `usbguard` Related `usbguard` documentation https://usbguard.github.io/documentation/configuration.html Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com>
Diffstat (limited to 'nixos/modules/services/security/usbguard.nix')
| -rw-r--r-- | nixos/modules/services/security/usbguard.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/nixos/modules/services/security/usbguard.nix b/nixos/modules/services/security/usbguard.nix index f167fbb2eca8..ff54176e13d3 100644 --- a/nixos/modules/services/security/usbguard.nix +++ b/nixos/modules/services/security/usbguard.nix @@ -80,7 +80,7 @@ in }; implicitPolicyTarget = mkOption { - type = policy; + type = types.enum [ "allow" "block" "reject" ]; default = "block"; description = lib.mdDoc '' How to treat USB devices that don't match any rule in the policy. @@ -110,7 +110,7 @@ in }; insertedDevicePolicy = mkOption { - type = policy; + type = types.enum [ "block" "reject" "apply-policy" ]; default = "apply-policy"; description = lib.mdDoc '' How to treat USB devices that are already connected after the daemon |