forked from mirrors/nixpkgs
nixpkgs/nixos/modules
Austin Seipp 64efd184ed grsecurity: Fix GRKERNSEC_PROC restrictions
Previously we were setting GRKERNSEC_PROC_USER y, which was a little bit
too strict. It doesn't allow a special group (e.g. the grsecurity group
users) to access /proc information - this requires
GRKERNSEC_PROC_USERGROUP y, and the two are mutually exclusive.

This was also not in line with the default automatic grsecurity
configuration - it actually defaults to USERGROUP (although it has a
default GID of 1001 instead of ours), not USER.

This introduces a new option restrictProcWithGroup - enabled by default
- which turns on GRKERNSEC_PROC_USERGROUP instead. It also turns off
restrictProc by default and makes sure both cannot be enabled.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-12 11:16:05 -05:00
..
config nixos: add grsecurity module (#1875) 2014-04-11 22:43:51 -05:00
hardware Upgrade bumblebee and add nixos module 2014-02-09 15:09:41 +01:00
installer Include Archive::Cpio in the installation CD 2014-04-11 17:16:44 +02:00
misc nixos: add grsecurity module (#1875) 2014-04-11 22:43:51 -05:00
profiles Revert "Turn on user-controlled wpa-cli on the livecd" 2014-04-08 18:26:52 -04:00
programs Revert "nixos: fix shell on conatiners" 2014-04-11 12:07:00 +02:00
security grsecurity: Fix GRKERNSEC_PROC restrictions 2014-04-12 11:16:05 -05:00
services Revert "Merge branch 'postgresql-user' of git://github.com/ocharles/nixpkgs" 2014-04-11 19:23:03 -04:00
system Merge branch 'containers' 2014-04-10 15:55:51 +02:00
tasks Add fuse to env by default 2014-04-03 21:36:13 -04:00
testing Rename linuxManualConfig to buildLinux 2014-01-21 20:05:55 -05:00
virtualisation Merge branch 'containers' 2014-04-10 15:55:51 +02:00
module-list.nix nixos: add grsecurity module (#1875) 2014-04-11 22:43:51 -05:00
rename.nix move windowManager.xbmc to desktopManager.xbmc 2014-03-12 09:20:59 +01:00