nixos/prometheus-smartctl: set proper SystemCallFilter

2022-10-25 16:47:09 +08:00 · 2022-10-25 16:47:09 +08:00 · afb8d0e5a6
commit afb8d0e5a6
parent f4342c11e5
1 changed files with 1 additions and 4 deletions
--- a/nixos/modules/services/monitoring/prometheus/exporters/smartctl.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters/smartctl.nix
@ -66,10 +66,7 @@ in {
      ProtectProc = "invisible";
      ProcSubset = "pid";
      SupplementaryGroups = [ "disk" ];
-      SystemCallFilter = [
-        "@system-service"
-        "~@privileged @resources"
-      ];
+      SystemCallFilter = [ "@system-service" "~@privileged" ];
    };
  };
 }