Is called like this since 14321ae2431e33f5ed81f1ee43eddd29c7e9d01d, but
docs were still using the old option in some cases.
Reported-By: Cedric Shahabi <cedric.shahabi@gmail.com>
Presents the options available (linuxManualConfig versus overriding
extraConfig, ignoreConfigErrors, autoModules, kernelPreferBuiltin.
For advanced hostPlatform customization refer to the commands shared by ericson1234 at
https://github.com/NixOS/nixpkgs/pull/33813 but it is too advanced to
put in the doc.
The manual still had a reference to an option that was already renamed
ages ago and a7ed44ccadfcf1bd54d0197fbc87b6c1b0bcef7b made it 'visible'.
With the visible attribute set to false for extraKernelModules, the
option no longer appears in the manual and thus breaks the link from the
manual to the options.
This is easily fixed by referring to boot.initrd.kernelModules instead
of the obsolete option boot.initrd.extraKernelModules.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @rycee, @matthewbauer
Changed extraUsers -> users and one case of extraGroups -> groups in nixos manual chapter 7.
According to chatter on IRC these are the proper names for these configuration options nowadays.
Modified based on feedback from Jörg Talheim.
In light of Emacs packaging improvements such as those mentioned
in #11503, and with the addition of a systemd service (#15807
and #16356), and considering that the wiki page is completely
out of date (#13217), it seems that some documentation is in order.
Enabling EFI runtime services provides a venue for injecting code into
the kernel.
When grsecurity is enabled, we close this by default by disabling access
to EFI runtime services. The upshot of this is that
/sys/firmware/efi/efivars will be unavailable by default (and attempts
to mount it will fail).
This is not strictly a grsecurity related option, it could be made into
a general option, but it seems to be of particular interest to
grsecurity users (for non-grsecurity users, there are other, more
immediate kernel injection attack dangers to contend with anyway).
