diff options
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/build-support/grsecurity/default.nix | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/pkgs/build-support/grsecurity/default.nix b/pkgs/build-support/grsecurity/default.nix index 919728382301..b2bffc781b30 100644 --- a/pkgs/build-support/grsecurity/default.nix +++ b/pkgs/build-support/grsecurity/default.nix @@ -10,6 +10,7 @@ let mode = "auto"; sysctl = false; denyChrootChmod = false; + denyUSB = false; restrictProc = false; restrictProcWithGroup = true; unrestrictProcGid = 121; # Ugh, an awful hack. See grsecurity NixOS gid @@ -106,6 +107,7 @@ let GRKERNSEC_SYSCTL ${boolToKernOpt cfg.config.sysctl} GRKERNSEC_CHROOT_CHMOD ${boolToKernOpt cfg.config.denyChrootChmod} + GRKERNSEC_DENYUSB ${boolToKernOpt cfg.config.denyUSB} GRKERNSEC_NO_RBAC ${boolToKernOpt cfg.config.disableRBAC} ${restrictLinks} |