nixpkgs

History

Austin Seipp 64efd184ed grsecurity: Fix GRKERNSEC_PROC restrictions

Previously we were setting GRKERNSEC_PROC_USER y, which was a little bit
too strict. It doesn't allow a special group (e.g. the grsecurity group
users) to access /proc information - this requires
GRKERNSEC_PROC_USERGROUP y, and the two are mutually exclusive.

This was also not in line with the default automatic grsecurity
configuration - it actually defaults to USERGROUP (although it has a
default GID of 1001 instead of ours), not USER.

This introduces a new option restrictProcWithGroup - enabled by default
- which turns on GRKERNSEC_PROC_USERGROUP instead. It also turns off
restrictProc by default and makes sure both cannot be enabled.

Signed-off-by: Austin Seipp <aseipp@pobox.com>

2014-04-12 11:16:05 -05:00

doc

Merge branch 'containers'

2014-04-10 15:55:51 +02:00

gui

Move all of NixOS to nixos/ in preparation of the repository merge

2013-10-10 13:28:20 +02:00

lib

Disable allowUnfree by default

2014-04-09 00:09:31 +02:00

maintainers

Add all AWS regions to EBS AMI creation script.

2014-02-11 13:26:46 +01:00

modules

grsecurity: Fix GRKERNSEC_PROC restrictions

2014-04-12 11:16:05 -05:00

tests

Fix tests broken due to the firewall being enabled by default

2014-04-11 17:16:44 +02:00

COPYING

Move all of NixOS to nixos/ in preparation of the repository merge

2013-10-10 13:28:20 +02:00

default.nix

Fix nixos-option

2013-10-28 22:45:58 +01:00

README

Move all of NixOS to nixos/ in preparation of the repository merge

2013-10-10 13:28:20 +02:00

release-combined.nix

Add a regression test for udisks

2014-04-07 13:22:12 +02:00

release.nix

Move generation of coverage reports from nixos/lib/testing to releaseTools

2014-03-03 13:57:08 +01:00

README

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
http://nixos.org/nixos and in the manual in doc/manual.