Merge pull request #119272 from mweinelt/babeld

nixos/babeld: allow AF_INET communication required for netlink socket
2021-04-13 03:25:51 +02:00
parent 7289645071 8e1e78a735
commit eeb49d6dc8
1 changed files with 1 additions and 1 deletions
--- a/nixos/modules/services/networking/babeld.nix
+++ b/nixos/modules/services/networking/babeld.nix
@@ -102,7 +102,7 @@ in
        ProtectKernelModules = true;
        ProtectKernelLogs = true;
        ProtectControlGroups = true;
-        RestrictAddressFamilies = [ "AF_NETLINK" "AF_INET6" ];
+        RestrictAddressFamilies = [ "AF_NETLINK" "AF_INET6" "AF_INET" ];
        RestrictNamespaces = true;
        RestrictRealtime = true;
        RestrictSUIDSGID = true;