nixpkgs/nixos/modules/security
Joachim Fasting 0677cc61c8
nixos: rewrite the grsecurity module
The new module is specifically adapted to the NixOS Grsecurity/PaX
kernel.  The module declares the required kernel configurations and
so *should* be somewhat compatible with custom Grsecurity kernels.

The module exposes only a limited number of options, minimising the need
for user intervention beyond enabling the module. For experts,
Grsecurity/PaX behavior may be configured via `boot.kernelParams` and
`boot.kernel.sysctl`.

The module assumes the user knows what she's doing (esp. if she decides
to modify configuration values not directly exposed by the module).

Administration of Grsecurity's role based access control system is yet
to be implemented.
2016-06-14 03:38:12 +02:00
..
acme.nix acme: added option security.acme.preliminarySelfsigned (#15562) 2016-06-01 11:39:46 +01:00
acme.xml acme: added option security.acme.preliminarySelfsigned (#15562) 2016-06-01 11:39:46 +01:00
apparmor-suid.nix apparmor-suid module: fix libcap lib output reference 2016-05-07 21:48:29 +02:00
apparmor.nix
audit.nix audit: Disable in containers 2016-01-26 16:25:40 +01:00
ca.nix cacert: fix formatting of example 2016-02-27 22:25:39 +13:00
duosec.nix
grsecurity.nix nixos: rewrite the grsecurity module 2016-06-14 03:38:12 +02:00
hidepid.nix nixos: add optional process information hiding 2016-04-10 12:27:06 +02:00
oath.nix config.security.oath: new module 2016-02-25 13:52:45 +00:00
pam.nix nixos/i3lock-color: added to pam 2016-05-15 07:47:31 +02:00
pam_mount.nix
pam_usb.nix
polkit.nix nixos systemPackages: rework default outputs 2016-01-28 11:24:18 +01:00
prey.nix
rngd.nix
rtkit.nix
setuid-wrapper.c
setuid-wrappers.nix setuid-wrappers: remove config.system.path from the closure 2016-05-23 13:47:23 +01:00
sudo.nix