diff options
| author | Sandro <sandro.jaeckel@gmail.com> | 2024-06-25 22:42:16 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-25 22:42:16 +0200 |
| commit | 33f83c62521656d3709e77629a8aae3175ef1dab (patch) | |
| tree | 4d76374ef368a23122fa3bce6364f185f59f16cb /nixos/modules/security | |
| parent | 3176d6fb53681394e18f57451240ee2eb05386b2 (diff) | |
| parent | 7d8742da87c1b06cd6db5eba1fe5a2cf8a7b2568 (diff) | |
Merge pull request #316977 from eclairevoyant/fix-mkEnableOption
treewide: fix mkEnableOption usage
Diffstat (limited to 'nixos/modules/security')
| -rw-r--r-- | nixos/modules/security/ca.nix | 6 | ||||
| -rw-r--r-- | nixos/modules/security/pam.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/security/sudo-rs.nix | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/nixos/modules/security/ca.nix b/nixos/modules/security/ca.nix index af5d91b35f2eb..8aae6eb3f29b0 100644 --- a/nixos/modules/security/ca.nix +++ b/nixos/modules/security/ca.nix @@ -26,13 +26,13 @@ in security.pki.useCompatibleBundle = mkEnableOption ''usage of a compatibility bundle. - Such a bundle consist exclusively of `BEGIN CERTIFICATE` and no `BEGIN TRUSTED CERTIFICATE`, - which is a OpenSSL specific PEM format. + Such a bundle consists exclusively of `BEGIN CERTIFICATE` and no `BEGIN TRUSTED CERTIFICATE`, + which is an OpenSSL specific PEM format. It is known to be incompatible with certain software stacks. Nevertheless, enabling this will strip all additional trust rules provided by the - certificates themselves, this can have security consequences depending on your usecases. + certificates themselves. This can have security consequences depending on your usecases ''; security.pki.certificateFiles = mkOption { diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index 5d3bed2fb02c8..f77e819d0c83a 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -1055,7 +1055,7 @@ in the dp9ik pam module provided by tlsclient. If set, users can be authenticated against the 9front - authentication server given in {option}`security.pam.dp9ik.authserver`. + authentication server given in {option}`security.pam.dp9ik.authserver` ''; control = mkOption { default = "sufficient"; diff --git a/nixos/modules/security/sudo-rs.nix b/nixos/modules/security/sudo-rs.nix index 6ccf42ed7f087..e63a64d4691c0 100644 --- a/nixos/modules/security/sudo-rs.nix +++ b/nixos/modules/security/sudo-rs.nix @@ -41,7 +41,7 @@ in enable = mkEnableOption '' a memory-safe implementation of the {command}`sudo` command, - which allows non-root users to execute commands as root. + which allows non-root users to execute commands as root ''; package = mkPackageOption pkgs "sudo-rs" { }; |