diff options
| author | Alyssa Ross <hi@alyssa.is> | 2020-01-11 23:37:02 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2020-01-11 23:41:30 +0000 |
| commit | 6c557e3f1c28cf87e9fba232811d6875dd1399c1 (patch) | |
| tree | 035a071d5d8980df6de0fa42e2ef8fc0cce7055e /nixpkgs/nixos/modules/profiles | |
| parent | da7500bc026e937ac7fce7b50f67a0e1765737a7 (diff) | |
| parent | e4134747f5666bcab8680aff67fa3b63384f9a0f (diff) | |
| download | nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.gz nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.bz2 nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.lz nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.xz nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.zst nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.zip | |
Merge commit 'e4134747f5666bcab8680aff67fa3b63384f9a0f'
Diffstat (limited to 'nixpkgs/nixos/modules/profiles')
| -rw-r--r-- | nixpkgs/nixos/modules/profiles/graphical.nix | 2 | ||||
| -rw-r--r-- | nixpkgs/nixos/modules/profiles/hardened.nix | 21 | ||||
| -rw-r--r-- | nixpkgs/nixos/modules/profiles/installation-device.nix | 3 |
3 files changed, 21 insertions, 5 deletions
diff --git a/nixpkgs/nixos/modules/profiles/graphical.nix b/nixpkgs/nixos/modules/profiles/graphical.nix index 649f5564ac61..d80456cede56 100644 --- a/nixpkgs/nixos/modules/profiles/graphical.nix +++ b/nixpkgs/nixos/modules/profiles/graphical.nix @@ -9,14 +9,12 @@ displayManager.sddm.enable = true; desktopManager.plasma5 = { enable = true; - enableQt4Support = false; }; libinput.enable = true; # for touchpad support on many laptops }; # Enable sound in virtualbox appliances. hardware.pulseaudio.enable = true; - hardware.pulseaudio.systemWide = true; # Needed since we run plasma as root. environment.systemPackages = [ pkgs.glxinfo pkgs.firefox ]; } diff --git a/nixpkgs/nixos/modules/profiles/hardened.nix b/nixpkgs/nixos/modules/profiles/hardened.nix index 626d8b1d2bde..f7b2f5c7fc1e 100644 --- a/nixpkgs/nixos/modules/profiles/hardened.nix +++ b/nixpkgs/nixos/modules/profiles/hardened.nix @@ -52,6 +52,27 @@ with lib; "ax25" "netrom" "rose" + + # Old or rare or insufficiently audited filesystems + "adfs" + "affs" + "bfs" + "befs" + "cramfs" + "efs" + "erofs" + "exofs" + "freevxfs" + "f2fs" + "hfs" + "hpfs" + "jfs" + "minix" + "nilfs2" + "qnx4" + "qnx6" + "sysv" + "ufs" ]; # Restrict ptrace() usage to processes with a pre-defined relationship diff --git a/nixpkgs/nixos/modules/profiles/installation-device.nix b/nixpkgs/nixos/modules/profiles/installation-device.nix index fd30220ce1c9..4596e163404c 100644 --- a/nixpkgs/nixos/modules/profiles/installation-device.nix +++ b/nixpkgs/nixos/modules/profiles/installation-device.nix @@ -31,9 +31,6 @@ with lib; # Let the user play Rogue on TTY 8 during the installation. #services.rogue.enable = true; - # Disable some other stuff we don't need. - services.udisks2.enable = mkDefault false; - # Use less privileged nixos user users.users.nixos = { isNormalUser = true; |