nixos/croc: set proper SystemCallFilter · pyrox.dev/nixpkgs@ba8041f

pyrox.dev / nixpkgs

fork atom

lol

fork atom

nixos/croc: set proper SystemCallFilter

MidAutumnMoon 3 years ago ba8041fc 19b481fb

+1 -1

1 changed file

expand all

nixos

modules

services

networking

croc.nix

+1 -1

nixos/modules/services/networking/croc.nix

··· 72 72 RuntimeDirectoryMode = "700"; 73 73 SystemCallFilter = [ 74 74 "@system-service" 75 - "~@aio" "~@keyring" "~@memlock" "~@privileged" "~@resources" "~@setuid" "~@sync" "~@timer" 75 + "~@aio" "~@keyring" "~@memlock" "~@privileged" "~@setuid" "~@sync" "~@timer" 76 76 ]; 77 77 SystemCallArchitectures = "native"; 78 78 SystemCallErrorNumber = "EPERM";