movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 06:00:33 +03:00
Code Activity

grsecurity: update stable/testing kernels, refactoring

Browse source 
This updates the new stable kernel to 3.14, and the new testing kernel
to 3.15.

This also removes the vserver kernel, since it's probably not nearly as
used.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
This commit is contained in:
Austin Seipp 2014-06-22 22:28:32 -05:00
parent 125c2b9468
commit 0399c5ee24
5 changed files with 15 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

21
nixos/modules/security/grsecurity.nix
View file

@ -6,12 +6,10 @@ let
cfg = config.security.grsecurity;
customGrsecPkg =
(import ../../../pkgs/build-support/grsecurity
{
inherit lib pkgs;
grsecOptions = cfg;
}
).grsecPackage;
(import ../../../pkgs/build-support/grsecurity {
grsecOptions = cfg;
inherit pkgs lib;
}).grsecPackage;
in
{
options = {
@ -36,14 +34,6 @@ in
'';
};
vserver = mkOption {
type = types.bool;
default = false;
description = ''
Enable the stable grsecurity/vserver patches, based on Linux 3.2.
'';
};
testing = mkOption {
type = types.bool;
default = false;
@ -246,9 +236,6 @@ in
both.
'';
}
{ assertion = (cfg.testing -> !cfg.vserver);
message = "The vserver patches are only supported in the stable kernel.";
}
{ assertion = (cfg.config.restrictProc -> !cfg.config.restrictProcWithGroup) ||
(cfg.config.restrictProcWithGroup -> !cfg.config.restrictProc);
message = "You cannot enable both restrictProc and restrictProcWithGroup";