public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/snapserver: add AF_NETLINK to allowed address families

Browse Source 
This is necessary for Librespot, which is spawned by snapserver in the
same cgroup. Librespot requires querying local ip links and addresses
for MDNS (Zeroconf/Avahi), and does so through NETLINK interface.
This commit is contained in:
Alexandre Macabies 2020-09-27 20:54:04 +02:00
parent a36cc03d96
commit 255882fbcc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/services/audio/snapserver.nix
View File

@ -286,7 +286,7 @@ in {
ProtectKernelTunables = true; ProtectKernelTunables = true;
ProtectControlGroups = true; ProtectControlGroups = true;
ProtectKernelModules = true; ProtectKernelModules = true;
RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX"; RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX AF_NETLINK";
RestrictNamespaces = true; RestrictNamespaces = true;
RuntimeDirectory = name; RuntimeDirectory = name;
StateDirectory = name; StateDirectory = name;