3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/nixos/modules/security
Jörg Thalheim e12188c0f2
nixos/systemd-confinment: use /var/empty as chroot mountpoint
bind mounting directories into the nix-store breaks nix commands.
In particular it introduces character devices that are not supported
by nix-store as valid files in the nix store. Use `/var/empty` instead
which is designated for these kind of use cases. We won't create any
files beause of the tmpfs mounted.
2021-07-01 08:01:18 +02:00
..
apparmor nixos/apparmor: improve code readability 2021-04-23 07:20:19 +02:00
wrappers Revert "Revert "apparmor: fix and improve the service"" 2021-04-23 07:17:55 +02:00
acme.nix nixos/acme: don't use --reuse-key 2021-06-01 00:43:45 +02:00
acme.xml docs: acme: Fix typo 2021-06-06 14:27:13 +02:00
apparmor.nix nixos/security/apparmor: utillinux -> util-linux 2021-05-17 17:14:08 +02:00
audit.nix
auditd.nix
ca.nix nixos/security.pki: handle PEMs w/o a final newline 2021-05-16 17:23:11 -07:00
chromium-suid-sandbox.nix
dhparams.nix
doas.nix
duosec.nix
google_oslogin.nix
lock-kernel-modules.nix
misc.nix nixos/apparmor: improve code readability 2021-04-23 07:20:19 +02:00
oath.nix
pam.nix Merge pull request #122674 from wakira/pam-order 2021-06-26 16:52:25 +02:00
pam_mount.nix nixos/pam_mount: add support for FUSE-filesystems (#126069) 2021-06-08 22:06:28 +02:00
pam_usb.nix
polkit.nix
rngd.nix
rtkit.nix
sudo.nix nixos/sudo: add option execWheelOnly 2021-05-08 23:48:00 +02:00
systemd-confinement.nix nixos/systemd-confinment: use /var/empty as chroot mountpoint 2021-07-01 08:01:18 +02:00
tpm2.nix