mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-25 20:34:52 +03:00
nixos: condition sysctl.kptr_restrict on features.grsecurity
Conditioning `sysctl.kptr_restrict` on `features.grsecurity` supports any grsecurity enabled kernel without having to enable the grsecurity module.
This commit is contained in:
parent
a00e19ceb9
commit
5cb2cee954
@ -64,6 +64,6 @@ in
|
||||
#
|
||||
# Removed under grsecurity.
|
||||
boot.kernel.sysctl."kernel.kptr_restrict" =
|
||||
if config.security.grsecurity.enable then null else 1;
|
||||
if (config.boot.kernelPackages.kernel.features.grsecurity or false) then null else 1;
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user