movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00
Code Activity

nixos/akkoma: dont disable protectsystem in confinement mode

Browse source 
this works fine since #289593
This commit is contained in:
tcmal 2024-05-25 18:42:22 +01:00
parent a247fc94b4
commit 7952d92b82
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/services/web-apps/akkoma.nix
View file

@ -1072,7 +1072,7 @@ in {
ProtectProc = "noaccess";
ProcSubset = "pid";
ProtectSystem = mkIf (!isConfined) "strict";
ProtectSystem = "strict";
ProtectHome = true;
PrivateTmp = true;
PrivateDevices = true;