public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

kernel config: Enable CGROUP_BPF 

Avoids the following warning:

File /.../systemd-journald.service:35 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling.
Proceeding WITHOUT firewalling in effect! (This warning is only shown for the first loaded unit using IP firewalling.)
This commit is contained in:
Tuomas Tynkkynen 2018-02-28 01:08:32 +02:00
parent ede1b6f0df
commit 822526f09e
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkgs/os-specific/linux/kernel/common-config.nix
View File

@ -134,6 +134,7 @@ with stdenv.lib;
''} ''}
NETFILTER y NETFILTER y
NETFILTER_ADVANCED y NETFILTER_ADVANCED y
CGROUP_BPF? y # Required by systemd per-cgroup firewalling
IP_ROUTE_VERBOSE y IP_ROUTE_VERBOSE y
IP_MROUTE_MULTIPLE_TABLES y IP_MROUTE_MULTIPLE_TABLES y
IP_VS_PROTO_TCP y IP_VS_PROTO_TCP y