BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixpkgs-suyu/nixos/modules/services
History
Austin Seipp 0ce90d58cc nixos/chrony: clean up, rework to be a little closer to upstream 
Most importantly, this sets PrivateTmp, ProtectHome, and ProtectSystem
so that Chrony flaws are mitigated, should they occur.

Moving to ProtectSystem=full however, requires moving the chrony key
files under /var/lib/chrony -- which should be fine, anyway.

This also ensures ConditionCapability=CAP_SYS_TIME is set, ensuring
that chronyd will only be launched in an environment where such a
capability can be granted.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-09-24 15:42:44 -05:00
..
admin nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
amqp nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
audio nixos/mpd: allow storage plugins in musicDirectory 2018-08-03 21:36:38 +02:00
backup Merge pull request #44332 from jerith666/restic-s3-default 2018-08-01 22:56:12 -04:00
cluster nixos/kubernetes: fix kubelet cgroup stats 2018-07-31 15:45:37 +02:00
computing nixos/slurm: add option clusterName 2018-09-08 23:14:54 +02:00
continuous-integration [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
databases nixos docs: give IDs to things 2018-09-01 16:20:49 -04:00
desktops nixos/rygel: init 2018-09-08 06:57:14 +02:00
development nixos/jupyter: init service 2018-08-26 12:00:54 +02:00
editors nixos docs: more IDs 2018-09-02 15:56:24 -04:00
games nixos/terraria: Wait for daemon to stop 2018-08-20 21:41:29 +02:00
hardware nixos/trezord: revised and updated udev rules 2018-09-24 19:55:14 +02:00
logging Merge branch 'master' into es6 2018-08-23 23:41:27 +02:00
mail rmilter: deprecation notice 2018-09-23 18:51:40 +03:00
misc Revert "nixos: set nixos in nixPath" 2018-09-24 10:42:01 +02:00
monitoring datadog-agent: remove privateTmp=true 2018-09-19 18:53:51 +01:00
network-filesystems Merge pull request #44238 from jfrankenau/samba-conf-override 2018-08-16 16:56:24 +02:00
networking nixos/chrony: clean up, rework to be a little closer to upstream 2018-09-24 15:42:44 -05:00
printing nixos/cupsd: add option to start when needed 2018-07-14 23:39:43 +02:00
scheduling nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
search elasticsearch-curator: include the module in the module-list & fix bug 2018-08-25 18:53:10 +02:00
security nixos/tor: Correct "transparent" typo 2018-09-17 16:13:11 +02:00
system Merge pull request #42295 from avnik/libprefixed-to-multioutput/heimdal 2018-09-05 13:50:13 -05:00
torrent nixos/transmission: fix AppArmor profile to include keyutils 2018-08-31 17:19:29 +02:00
ttys [bot] treewide: remove unused 'inherit' in let blocks 2018-07-20 19:38:19 +00:00
web-apps codimd: remove unneeded defaults 2018-09-18 23:15:34 +02:00
web-servers nixos/nginx: fix type of sslTrustedCertificate option 2018-09-02 01:35:59 +02:00
x11 Merge pull request #47205 from matthewbauer/add-kdoctools 2018-09-23 18:46:36 -05:00