8d559672be
Remove MemoryDenyWriteExecute hardening as it breaks image rendering plugin. Add CAP_NET_BIND_SERVICE to bind to low ports when needed. Remove PrivateUsers and ProcSubset as upstream choose to remove it. Upstream changes: <https://github.com/grafana/grafana/pull/40219>, <https://github.com/grafana/grafana/pull/40178>, <https://github.com/grafana/grafana/pull/40339> and <https://github.com/grafana/grafana/pull/40815>. |
||
---|---|---|
.. | ||
config | ||
hardware | ||
i18n/input-method | ||
installer | ||
misc | ||
profiles | ||
programs | ||
security | ||
services | ||
system | ||
tasks | ||
testing | ||
virtualisation | ||
module-list.nix | ||
rename.nix |