nixpkgs/nixos/modules/security
Florian Klink d22b3ed4bc systemd: switch to unified cgroup hierarchy by default
See https://www.redhat.com/sysadmin/fedora-31-control-group-v2 for
details on why this is desirable, and how it impacts containers.

Users that need to keep using the old cgroup hierarchy can re-enable it
by setting `systemd.unifiedCgroupHierarchy` to `false`.

Well-known candidates not supporting that hierarchy, like docker and
hidepid=… will disable it automatically.

Fixes #73800
2020-11-19 16:56:46 +01:00
..
wrappers Revert "apparmor: fix and improve the service" 2020-10-07 12:22:18 +02:00
acme.nix nixos/acme: Use more secure chmods 2020-10-22 14:04:31 +01:00
acme.xml nixos/acme: Update docs, use assert more effectively 2020-09-05 01:06:29 +01:00
apparmor-suid.nix Revert "apparmor: fix and improve the service" 2020-10-07 12:22:18 +02:00
apparmor.nix Revert "apparmor: fix and improve the service" 2020-10-07 12:22:18 +02:00
audit.nix nixos: Move uses of stdenv.shell to runtimeShell. 2018-03-01 14:38:53 -05:00
auditd.nix auditd service: make more useful 2019-06-10 18:55:11 +03:00
ca.nix nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
chromium-suid-sandbox.nix nixos/treewide: Move rename.nix imports to their respective modules 2019-12-10 02:51:19 +01:00
dhparams.nix dhparams module: add self as maintainer 2018-10-31 01:05:35 +09:00
doas.nix nixos/doas: default rule should be first 2020-05-10 22:14:16 -07:00
duosec.nix treewide: fix modules options types where the default is null 2020-04-28 19:13:59 +02:00
google_oslogin.nix nixos/google-oslogin: add to system.nssDatabases.group too 2020-05-11 16:14:50 +02:00
hidepid.nix systemd: switch to unified cgroup hierarchy by default 2020-11-19 16:56:46 +01:00
hidepid.xml Revert "nixos/doc: re-format" 2019-09-19 19:17:30 +02:00
lock-kernel-modules.nix nixos/lock-kernel-modules: add myself to maintainers 2018-10-15 01:33:30 +02:00
misc.nix nixos/security/misc: add option unprivilegedUsernsClone 2020-08-25 14:18:24 +03:00
oath.nix [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
pam_mount.nix nixos/pam_mount: add pamMount attribute to users 2020-10-14 22:55:55 -07:00
pam_usb.nix [bot] treewide: remove unused 'inherit' in let blocks 2018-07-20 19:38:19 +00:00
pam.nix pam: add support for pam_gnupg 2020-10-12 13:29:40 +01:00
polkit.nix nixos/polkit: remove root from adminIdentities 2019-12-09 19:11:09 -05:00
rngd.nix nixos/modules/security/rngd: Disable by default 2020-09-09 21:51:25 -04:00
rtkit.nix treewide: use attrs instead of list for types.loaOf options 2020-01-06 10:39:18 -05:00
sudo.nix nixos/sudo: add package option 2020-10-01 13:00:52 +02:00
systemd-confinement.nix confinement: fix assert for serviceConfig.ProtectSystem 2020-10-14 11:56:18 +02:00
tpm2.nix nixos: remove StandardOutput=syslog, StandardError=syslog lines 2020-08-13 18:49:15 +02:00