about summary refs log tree commit diff
path: root/nixos/modules/profiles
Commit message (Expand)AuthorAge
* Merge pull request #74378 from ttuegel/lxc-containeradisbladis2020-04-25
|\
| * docker-container: Remove /etc symlinkThomas Tuegel2019-11-27
* | nixos/hardened: add emily to maintainersEmily2020-04-17
* | nixos/hardened: enable user namespaces for rootEmily2020-04-17
* | nixos/hardened: don't set vm.unprivileged_userfaultfdEmily2020-04-17
* | nixos/hardened: don't set vm.mmap_min_addrEmily2020-04-17
* | nixos/hardened: don't set vm.mmap_rnd{,_compat}_bitsEmily2020-04-17
* | nixos/hardened: don't set net.core.bpf_jit_hardenEmily2020-04-17
* | nixos/hardened: don't set kernel.unprivileged_bpf_disabledEmily2020-04-17
* | nixos/hardened: don't set kernel.dmesg_restrictEmily2020-04-17
* | nixos/hardened: don't set vsyscall=noneEmily2020-04-17
* | nixos/hardened: don't set slab_nomergeEmily2020-04-17
* | Revert "nixos/hardened: build sandbox incompatible with namespaces"Florian Klink2020-04-05
* | Merge pull request #73763 from kmcopper/hardening-profileJoachim F2020-04-03
|\ \
| * | nixos/hardened: scudo default allocator. zero by default allow override.Kyle Copperfield2019-11-26
| * | nixos/hardened: build sandbox incompatible with namespacesKyle Copperfield2019-11-19
* | | Remove unused 'rogue' serviceEelco Dolstra2020-03-24
* | | services/misc/nixos-manual.nix: RemoveEelco Dolstra2020-03-24
| |/ |/|
* | nixos/plasma5: drop enableQt4Support optionJan Tojnar2019-11-22
|/
* profiles/graphical.nix: Drop systemWide pulseaudio in isoElis Hirwing2019-11-11
* Revert "installer: Disable udisks"Franz Pletz2019-10-16
* nixos/hardened: blacklist old filesystems (#70482)Joachim F2019-10-12
* qemu-guest: allow to override security.rngdMatthieu Coudron2019-09-18
* Merge pull request #63773 from flokli/installation-device-fixesFlorian Klink2019-08-31
|\
| * nixos/installation-device.nix: explain sshd usageFlorian Klink2019-08-19
* | Merge pull request #66687 from joachifm/feat/hardened-nixos-revert-graphene-m...Marek Mahut2019-08-19
|\ \ | |/ |/|
| * Revert "nixos/hardened: use graphene-hardened malloc by default"Joachim Fasting2019-08-15
* | nixos/systemd: install sysctl snippetsFlorian Klink2019-08-18
|/
* nixos-hardened: disable unprivileged userfaultfd syscallsJoachim Fasting2019-08-15
* nixos-hardened: enable page alloc randomizationJoachim Fasting2019-08-15
* installer: Don't run as rootworldofpeace2019-08-12
* nixos/hardened: make pti=on overridablePierre Bourdon2019-07-30
* Renaming security.virtualization.flushL1DataCache to virtualisationMarek Mahut2019-07-19
* nixos/hardened: harder inet defaultsJoachim Fasting2019-07-04
* nixos/hardened: disable ftrace by defaultJoachim Fasting2019-07-04
* nixos/hardened: use graphene-hardened malloc by defaultJoachim Fasting2019-05-07
* profiles/graphical.nix: Enable pulseaudio for virtualbox appliancesElis Hirwing2019-02-22
* types.optionSet: deprecate and remove last usagesdanbst2019-01-31
* modules/profiles/minimal: sound is disabled by defaultProfpatsch2019-01-13
* nixos/hardened profile: always enable ptiJoachim Fasting2019-01-05
* nixos/hardened profile: slab/slub hardeningJoachim Fasting2019-01-05
* nixos/security/misc: expose SMT control optionJoachim Fasting2018-12-27
* nixos/security/misc: expose l1tf mitigation optionJoachim Fasting2018-12-27
* nixos/security/misc: factor out protectKernelImageJoachim Fasting2018-12-27
* Revert "zfs cannot be distributed. Disabling it in the isos."Graham Christensen2018-11-26
* Merge branch 'master' of https://github.com/nixos/nixpkgs into tarball-closur...Ding Xiang Fei2018-11-26
|\
| * nixos/hardened: restrict access to nix daemonJoachim Fasting2018-11-24
* | Merge branch 'master' of https://github.com/nixos/nixpkgs into tarball-closur...Ding Xiang Fei2018-11-14
|\|
| * Merge pull request #49326 from c0bw3b/nixos/installation-deviceEelco Dolstra2018-10-30
| |\
| | * installation-device: set GC initial heap size to 1MBRenaud2018-10-28
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-19 23:54:56 +0000