public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #119272 from mweinelt/babeld 

nixos/babeld: allow AF_INET communication required for netlink socket
This commit is contained in:
Martin Weinelt 2021-04-13 03:25:51 +02:00 committed by GitHub
parent 7289645071 8e1e78a735
commit eeb49d6dc8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/services/networking/babeld.nix
View File

@ -102,7 +102,7 @@ in
ProtectKernelModules = true; ProtectKernelModules = true;
ProtectKernelLogs = true; ProtectKernelLogs = true;
ProtectControlGroups = true; ProtectControlGroups = true;
RestrictAddressFamilies = [ "AF_NETLINK" "AF_INET6" ]; RestrictAddressFamilies = [ "AF_NETLINK" "AF_INET6" "AF_INET" ];
RestrictNamespaces = true; RestrictNamespaces = true;
RestrictRealtime = true; RestrictRealtime = true;
RestrictSUIDSGID = true; RestrictSUIDSGID = true;