public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #7148 from joachifm/grsec-trivial

Browse Source 
grsecurity module: trivial improvements
This commit is contained in:
Austin Seipp 2015-04-13 17:10:47 -05:00
commit b86f6a3ed6
1 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nixos/modules/security/grsecurity.nix
View File

@ -112,9 +112,6 @@ in
<literal>kernel.grsecurity.grsec_lock</literal> to <literal>kernel.grsecurity.grsec_lock</literal> to
non-zero as soon as all sysctl options are set. *THIS IS non-zero as soon as all sysctl options are set. *THIS IS
EXTREMELY IMPORTANT*! EXTREMELY IMPORTANT*!
If disabled, this also turns off the
<literal>systemd-sysctl</literal> service.
''; '';
}; };
@ -229,11 +226,8 @@ in
kernel 3.19) to continue. kernel 3.19) to continue.
''; '';
} }
{ assertion = (cfg.stable -> !cfg.testing) || (cfg.testing -> !cfg.stable); { assertion = !(cfg.stable && cfg.testing);
message = '' message = "Select either one of the stable or testing patch";
You must select either the stable or testing patch, not
both.
'';
} }
{ assertion = (cfg.config.restrictProc -> !cfg.config.restrictProcWithGroup) || { assertion = (cfg.config.restrictProc -> !cfg.config.restrictProcWithGroup) ||
(cfg.config.restrictProcWithGroup -> !cfg.config.restrictProc); (cfg.config.restrictProcWithGroup -> !cfg.config.restrictProc);