nixpkgs/nixos/modules/security
aszlig 52299bccf5
nixos/confinement: Use PrivateMounts option
So far we had MountFlags = "private", but as @Infinisil has correctly
noticed, there is a dedicated PrivateMounts option, which does exactly
that and is better integrated than providing raw mount flags.

When checking for the reason why I used MountFlags instead of
PrivateMounts, I found that at the time I wrote the initial version of
this module (Mar 12 06:15:58 2018 +0100) the PrivateMounts option didn't
exist yet and has been added to systemd in Jun 13 08:20:18 2018 +0200.

Signed-off-by: aszlig <aszlig@nix.build>
2019-03-27 20:34:32 +01:00
..
wrappers nixos/wrappers: remove outdated upgrade code 2018-10-21 15:12:36 +02:00
acme.nix acme module: fix self-signed cert with openssl 1.1 2018-09-12 13:40:46 +02:00
acme.xml docs: format 2018-09-29 20:51:11 -04:00
apparmor-suid.nix apparmor-suid: don't force glibc 2018-10-30 19:50:47 -05:00
apparmor.nix apparmor: support for lxc profiles 2017-01-10 23:01:03 +01:00
audit.nix nixos: Move uses of stdenv.shell to runtimeShell. 2018-03-01 14:38:53 -05:00
auditd.nix nixos/auditd: break ordering cycle (#27577) 2017-08-01 20:45:01 +01:00
ca.nix nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
chromium-suid-sandbox.nix nixos/chromium-suid-sandbox: remove reference to grsecurity 2017-09-02 20:35:28 +02:00
dhparams.nix dhparams module: add self as maintainer 2018-10-31 01:05:35 +09:00
duosec.nix nixos/security: Fix pam configuration file generation. 2019-02-24 22:49:01 +00:00
google_oslogin.nix config.security.googleOsLogin: add module 2018-12-21 17:52:37 +01:00
hidepid.nix [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
hidepid.xml docs: format 2018-09-29 20:51:11 -04:00
lock-kernel-modules.nix nixos/lock-kernel-modules: add myself to maintainers 2018-10-15 01:33:30 +02:00
misc.nix nixos/security/misc: expose SMT control option 2018-12-27 15:00:49 +01:00
oath.nix [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
pam_mount.nix nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
pam_usb.nix [bot] treewide: remove unused 'inherit' in let blocks 2018-07-20 19:38:19 +00:00
pam.nix nixos/security: Add duo-unix support to pam. 2019-02-24 22:48:56 +00:00
polkit.nix nixos/polkit: use tmpfiles to clean old dirs 2018-09-30 11:08:11 -07:00
prey.nix nixos: fix some types 2015-09-18 18:48:50 +00:00
rngd.nix nixos/rngd: do not pass --version flag 2018-11-05 10:41:38 +01:00
rtkit.nix nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
sudo.nix nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
systemd-confinement.nix nixos/confinement: Use PrivateMounts option 2019-03-27 20:34:32 +01:00