public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/hardened profile: lock kernel modules

Browse Source
This commit is contained in:
Joachim Fasting
2017-04-29 22:46:20 +02:00
parent 878ad1ce6e
commit 6a5a5728ee
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/profiles/hardened.nix
View File

@@ -8,6 +8,8 @@ with lib;
{
security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true;
security.apparmor.enable = mkDefault true;
boot.kernelParams = [