mirror/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-09-29 15:43:00 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #249939 from erdnaxe/galene-fix

Browse Source 
nixos/galene: do not restrict AF_NETLINK
This commit is contained in:
Nick Cao 2023-09-10 08:49:19 -04:00 committed by GitHub
commit a1635b3821
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/services/web-apps/galene.nix
View File

@ -186,7 +186,7 @@ in
ProtectSystem = "strict";
ReadWritePaths = cfg.recordingsDir;
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_NETLINK" ];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;