forked from mirrors/nixpkgs
d4d7bfe07b
The chroot caps restriction disallows chroot'ed processes from running any command that requires `CAP_SYS_ADMIN`, breaking `nixos-rebuild`. See e.g., https://github.com/NixOS/nixpkgs/issues/15293 This significantly weakens chroot protections, but to break nixos-rebuild out of the box is too severe. |
||
---|---|---|
.. | ||
agda | ||
build-dotnet-package | ||
build-fhs-chrootenv | ||
build-fhs-userenv | ||
buildenv | ||
builder-defs | ||
cc-wrapper | ||
docker | ||
dotnetbuildhelpers | ||
dotnetenv | ||
emacs | ||
fetchadc | ||
fetchbower | ||
fetchbzr | ||
fetchcvs | ||
fetchdarcs | ||
fetchegg | ||
fetchfile | ||
fetchgit | ||
fetchgitlocal | ||
fetchgitrevision | ||
fetchhg | ||
fetchmtn | ||
fetchnuget | ||
fetchpatch | ||
fetchsvn | ||
fetchsvnrevision | ||
fetchsvnssh | ||
fetchurl | ||
fetchzip | ||
gcc-cross-wrapper | ||
gcc-wrapper-old | ||
grsecurity | ||
icon-conv-tools | ||
kdewrapper | ||
kernel | ||
libredirect | ||
make-desktopitem | ||
make-startupitem | ||
make-symlinks | ||
mono-dll-fixer | ||
nuke-references | ||
ocaml | ||
release | ||
rust | ||
setup-hooks | ||
src-only | ||
substitute | ||
substitute-files | ||
templaterpm | ||
upstream-updater | ||
vm | ||
vsenv | ||
build-maven.nix | ||
build-pecl.nix | ||
replace-dependency.nix | ||
source-from-head-fun.nix | ||
trivial-builders.nix |