diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2016-05-05 08:30:19 +0200 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2016-05-05 08:30:19 +0200 |
| commit | 1dc36904d8cefa8188c785efd03274637c838e31 (patch) | |
| tree | 0cf37f0803f1e9c6985d09f2870e5ec61229d2ca /nixos/modules | |
| parent | 75f1cc61b86b002f551529f1cafa30b4f4010bd9 (diff) | |
| parent | 7a005601d48f760864258e369364b3b847d4e9fd (diff) | |
| download | nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.gz nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.bz2 nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.lz nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.xz nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.zst nixlib-1dc36904d8cefa8188c785efd03274637c838e31.zip | |
Merge #14920: windows improvements, mainly mingw
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/security/grsecurity.nix | 17 | ||||
| -rw-r--r-- | nixos/modules/services/continuous-integration/jenkins/default.nix | 12 | ||||
| -rw-r--r-- | nixos/modules/services/x11/window-managers/bspwm.nix | 1 |
3 files changed, 20 insertions, 10 deletions
diff --git a/nixos/modules/security/grsecurity.nix b/nixos/modules/security/grsecurity.nix index 11668162808f..12401f044a7f 100644 --- a/nixos/modules/security/grsecurity.nix +++ b/nixos/modules/security/grsecurity.nix @@ -194,6 +194,23 @@ in ''; }; + disableSimultConnect = mkOption { + type = types.bool; + default = false; + description = '' + Disable TCP simultaneous connect. The TCP simultaneous connect + feature allows two clients to connect without either of them + entering the listening state. This feature of the TCP specification + is claimed to enable an attacker to deny the target access to a given + server by guessing the source port the target would use to make the + connection. + + This option is OFF by default because TCP simultaneous connect has + some legitimate uses. Enable this option if you know what this TCP + feature is for and know that you do not need it. + ''; + }; + verboseVersion = mkOption { type = types.bool; default = false; diff --git a/nixos/modules/services/continuous-integration/jenkins/default.nix b/nixos/modules/services/continuous-integration/jenkins/default.nix index 6fd39e68b1d9..4a6ffb9c2616 100644 --- a/nixos/modules/services/continuous-integration/jenkins/default.nix +++ b/nixos/modules/services/continuous-integration/jenkins/default.nix @@ -161,16 +161,8 @@ in { ''; postStart = '' - until ${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} ; do - sleep 10 - done - while true ; do - index=`${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix}` - if [[ !("$index" =~ 'Please wait while Jenkins is restarting' || - "$index" =~ 'Please wait while Jenkins is getting ready to work') ]]; then - exit 0 - fi - sleep 30 + until ${pkgs.curl.bin}/bin/curl -s -L --fail --head http://${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} >/dev/null; do + sleep 2 done ''; diff --git a/nixos/modules/services/x11/window-managers/bspwm.nix b/nixos/modules/services/x11/window-managers/bspwm.nix index 271b1b6cf5da..03a1b7a72e88 100644 --- a/nixos/modules/services/x11/window-managers/bspwm.nix +++ b/nixos/modules/services/x11/window-managers/bspwm.nix @@ -38,6 +38,7 @@ in start = if cfg.startThroughSession then cfg.sessionScript else '' + export _JAVA_AWT_WM_NONREPARENTING=1 SXHKD_SHELL=/bin/sh ${pkgs.sxhkd}/bin/sxhkd -f 100 & ${pkgs.bspwm}/bin/bspwm ''; |