Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs

Conflicts: nixpkgs/pkgs/build-support/go/module.nix nixpkgs/pkgs/development/python-modules/django-mailman3/default.nix
author: Alyssa Ross <hi@alyssa.is> 2023-08-23 10:09:14 +0000
committer: Alyssa Ross <hi@alyssa.is> 2023-08-26 09:07:03 +0000
commit: 63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f (patch)
tree: d58934cb48f9c953b19a0d0d5cffc0d0c5561471 /nixpkgs/nixos/modules/services/networking/ntp/chrony.nix
parent: c4eef3dacb2a3d359561f30917d9e3cc4e041be9 (diff)
parent: 91a22f76cd1716f9d0149e8a5c68424bb691de15 (diff)
download: nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.gz
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.bz2
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.lz
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.xz
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.zst
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.zip
1 files changed, 13 insertions, 1 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/ntp/chrony.nix b/nixpkgs/nixos/modules/services/networking/ntp/chrony.nix
index 2d421abc8be7..afd721e34da5 100644
--- a/nixpkgs/nixos/modules/services/networking/ntp/chrony.nix
+++ b/nixpkgs/nixos/modules/services/networking/ntp/chrony.nix
@@ -27,7 +27,10 @@ let
     ${cfg.extraConfig}
   '';
 
-  chronyFlags = [ "-n" "-m" "-u" "chrony" "-f" "${configFile}" ] ++ cfg.extraFlags;
+  chronyFlags =
+    [ "-n" "-u" "chrony" "-f" "${configFile}" ]
+    ++ optional cfg.enableMemoryLocking "-m"
+    ++ cfg.extraFlags;
 in
 {
   options = {
@@ -73,6 +76,15 @@ in
         '';
       };
 
+      enableMemoryLocking = mkOption {
+        type = types.bool;
+        default = config.environment.memoryAllocator.provider != "graphene-hardened";
+        defaultText = ''config.environment.memoryAllocator.provider != "graphene-hardened"'';
+        description = lib.mdDoc ''
+          Whether to add the `-m` flag to lock memory.
+        '';
+      };
+
       enableNTS = mkOption {
         type = types.bool;
         default = false;
author	Alyssa Ross <hi@alyssa.is>	2023-08-23 10:09:14 +0000
committer	Alyssa Ross <hi@alyssa.is>	2023-08-26 09:07:03 +0000
commit	63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f (patch)
tree	d58934cb48f9c953b19a0d0d5cffc0d0c5561471 /nixpkgs/nixos/modules/services/networking/ntp/chrony.nix
parent	c4eef3dacb2a3d359561f30917d9e3cc4e041be9 (diff)
parent	91a22f76cd1716f9d0149e8a5c68424bb691de15 (diff)
download	nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.gz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.bz2 nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.lz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.xz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.zst nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.zip