nixos/virtualbox: Revert disable hardening.
This reverts commit 5d67b17901ff2c9a18647bd9453c6b0d4294b875. The issues have been resolved by ac603e208c98b260db675fa0c13be94fa95216f4. Tested this with hostonlyifs and USB support with extension pack. Conflicts: nixos/modules/programs/virtualbox-host.nix Signed-off-by: aszlig <aszlig@redmoonstudios.org> Tested-by: Mateusz Kowalczyk <fuuzetsu@fuuzetsu.co.uk>
This commit is contained in:
parent
06e6d7def2
commit
f7384b8c75
@ -35,7 +35,7 @@ in
|
||||
|
||||
enableHardening = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
default = true;
|
||||
description = ''
|
||||
Enable hardened VirtualBox, which ensures that only the binaries in the
|
||||
system path get access to the devices exposed by the kernel modules
|
||||
@ -54,13 +54,6 @@ in
|
||||
boot.extraModulePackages = [ virtualbox ];
|
||||
environment.systemPackages = [ virtualbox ];
|
||||
|
||||
warnings = mkIf (!cfg.enableHardening) (singleton (
|
||||
"Hardening is currently disabled for VirtualBox, because of some " +
|
||||
"issues in conjunction with host-only-interfaces. If you don't use " +
|
||||
"hostonlyifs, it's strongly recommended to set " +
|
||||
"`services.virtualboxHost.enableHardening = true'!"
|
||||
));
|
||||
|
||||
security.setuidOwners = let
|
||||
mkSuid = program: {
|
||||
inherit program;
|
||||
|
Loading…
x
Reference in New Issue
Block a user