From 2e88605a91d871f9c16a60c4e16da12b7aca9b7a Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Fri, 3 Apr 2015 12:49:26 +0200 Subject: grsecurity module: remove reference to systemd-sysctl First, that's not what the service is called, and secondly it's most likely irrelevant to the user. --- nixos/modules/security/grsecurity.nix | 3 --- 1 file changed, 3 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/security/grsecurity.nix b/nixos/modules/security/grsecurity.nix index 8cd400933487..4eb5c3b990d9 100644 --- a/nixos/modules/security/grsecurity.nix +++ b/nixos/modules/security/grsecurity.nix @@ -131,9 +131,6 @@ in kernel.grsecurity.grsec_lock to non-zero as soon as all sysctl options are set. *THIS IS EXTREMELY IMPORTANT*! - - If disabled, this also turns off the - systemd-sysctl service. ''; }; -- cgit 1.4.1 From 66c4f51046507024ec09a39a8b3f6683883c8ba9 Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Fri, 3 Apr 2015 13:35:06 +0200 Subject: grsecurity module: simplify assertion --- nixos/modules/security/grsecurity.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/security/grsecurity.nix b/nixos/modules/security/grsecurity.nix index 4eb5c3b990d9..f33f7abb52c4 100644 --- a/nixos/modules/security/grsecurity.nix +++ b/nixos/modules/security/grsecurity.nix @@ -245,11 +245,8 @@ in kernel 3.19) to continue. ''; } - { assertion = (cfg.stable -> !cfg.testing) || (cfg.testing -> !cfg.stable); - message = '' - You must select either the stable or testing patch, not - both. - ''; + { assertion = !(cfg.stable && cfg.testing); + message = "Select either one of the stable or testing patch"; } { assertion = (cfg.config.restrictProc -> !cfg.config.restrictProcWithGroup) || (cfg.config.restrictProcWithGroup -> !cfg.config.restrictProc); -- cgit 1.4.1