mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-09-29 16:40:18 +02:00
Merge pull request #120620 from mweinelt/empty-capability-bounding-sets
nixos/{opendkim,rspamd}: Fix CapabilityBoundingSet option
This commit is contained in:
commit
85aef7706e
|
@ -134,7 +134,7 @@ in {
|
|||
ReadWritePaths = [ cfg.keyPath ];
|
||||
|
||||
AmbientCapabilities = [];
|
||||
CapabilityBoundingSet = [];
|
||||
CapabilityBoundingSet = "";
|
||||
DevicePolicy = "closed";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
|
|
|
@ -410,7 +410,7 @@ in
|
|||
StateDirectoryMode = "0700";
|
||||
|
||||
AmbientCapabilities = [];
|
||||
CapabilityBoundingSet = [];
|
||||
CapabilityBoundingSet = "";
|
||||
DevicePolicy = "closed";
|
||||
LockPersonality = true;
|
||||
NoNewPrivileges = true;
|
||||
|
|
Loading…
Reference in a new issue