cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Merge pull request #249939 from erdnaxe/galene-fix

Browse source 
nixos/galene: do not restrict AF_NETLINK
This commit is contained in:
Nick Cao 2023-09-10 08:49:19 -04:00 committed by GitHub
commit a1635b3821
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/services/web-apps/galene.nix
View file

@ -186,7 +186,7 @@ in
ProtectSystem = "strict"; ProtectSystem = "strict";
ReadWritePaths = cfg.recordingsDir; ReadWritePaths = cfg.recordingsDir;
RemoveIPC = true; RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_NETLINK" ];
RestrictNamespaces = true; RestrictNamespaces = true;
RestrictRealtime = true; RestrictRealtime = true;
RestrictSUIDSGID = true; RestrictSUIDSGID = true;