Commit graph

4 commits

Author SHA1 Message Date
rnhmjoj a432668acf
dhcpcd: disable privsep by default
The privilege separation mode has several downsides:

  - it's incompatible with alternative memory allocators, including
    graphene-hardened;

  - it needs an unreleased patch to fix a crash;

  - it results in no less than 6 subprocesses running at any time,
    increasing the memory usage;

  - the privileged process (albeit not doing any networking related
    tasks) is still running as root, so it has complete access to the
    system.

Let's disable this by default and instead run dhcpcd as an unprivileged
user with only the necessary capabilities.
2024-09-16 01:23:54 +02:00
K900 97a449ee8f nixos/tests/chrony: actually restart chrony when switching to hardened config
This breaks the test. Fun.
2024-09-08 17:04:45 +03:00
K900 7dd3489dab nixos/tests/chrony: use specializations instead of multiple machines 2024-09-08 17:04:45 +03:00
Franz Pletz 50e7a02e67
nixos/chrony: add simple test 2023-08-10 03:04:04 +02:00