about summary refs log tree commit diff
path: root/nixos/modules/profiles
AgeCommit message (Expand)AuthorFilesLines
2021-01-13nixos ISO image: revert another part of 8ca33835baVladimír Čunát1-10/+5
2021-01-13nixos: fixup build of aarch64 minimal ISO (fixes #109252)Vladimír Čunát1-6/+16
2021-01-05nixos/getty: rename from services.mingettyAlyssa Ross1-2/+2
2021-01-04profiles/hardened: Add note about potential instabilitytalyz1-1/+6
2020-09-27nixos/hardened: update blacklisted filesystemsTredwellGit1-0/+2
2020-09-06nixos/installer: enable sshd by defaultJörg Thalheim1-7/+8
2020-08-25nixos/security/misc: add option unprivilegedUsernsCloneIzorkin1-1/+4
2020-08-20nixos/systemPackages: clean up (#91213)davidak1-0/+1
2020-07-09nixos/displayManager: make autoLogin options independent of DM typeworldofpeace1-4/+6
2020-04-25Merge pull request #74378 from ttuegel/lxc-containeradisbladis1-1/+8
2020-04-17nixos/hardened: add emily to maintainersEmily1-1/+1
2020-04-17nixos/hardened: enable user namespaces for rootEmily1-2/+0
2020-04-17nixos/hardened: don't set vm.unprivileged_userfaultfdEmily1-3/+0
2020-04-17nixos/hardened: don't set vm.mmap_min_addrEmily1-10/+0
2020-04-17nixos/hardened: don't set vm.mmap_rnd{,_compat}_bitsEmily1-6/+0
2020-04-17nixos/hardened: don't set net.core.bpf_jit_hardenEmily1-3/+0
2020-04-17nixos/hardened: don't set kernel.unprivileged_bpf_disabledEmily1-4/+0
2020-04-17nixos/hardened: don't set kernel.dmesg_restrictEmily1-3/+0
2020-04-17nixos/hardened: don't set vsyscall=noneEmily1-3/+0
2020-04-17nixos/hardened: don't set slab_nomergeEmily1-3/+0
2020-04-05Revert "nixos/hardened: build sandbox incompatible with namespaces"Florian Klink1-2/+0
2020-04-03Merge pull request #73763 from kmcopper/hardening-profileJoachim F1-0/+5
2020-03-24Remove unused 'rogue' serviceEelco Dolstra1-3/+0
2020-03-24services/misc/nixos-manual.nix: RemoveEelco Dolstra1-1/+0
2019-11-27docker-container: Remove /etc symlinkThomas Tuegel1-1/+8
2019-11-26nixos/hardened: scudo default allocator. zero by default allow override.Kyle Copperfield1-0/+3
2019-11-22nixos/plasma5: drop enableQt4Support optionJan Tojnar1-1/+0
2019-11-19nixos/hardened: build sandbox incompatible with namespacesKyle Copperfield1-0/+2
2019-11-11profiles/graphical.nix: Drop systemWide pulseaudio in isoElis Hirwing1-1/+0
2019-10-16Revert "installer: Disable udisks"Franz Pletz1-3/+0
2019-10-12nixos/hardened: blacklist old filesystems (#70482)Joachim F1-0/+21
2019-09-18qemu-guest: allow to override security.rngdMatthieu Coudron1-2/+2
2019-08-31Merge pull request #63773 from flokli/installation-device-fixesFlorian Klink1-7/+10
2019-08-19Merge pull request #66687 from joachifm/feat/hardened-nixos-revert-graphene-m...Marek Mahut1-2/+0
2019-08-19nixos/installation-device.nix: explain sshd usageFlorian Klink1-7/+10
2019-08-18nixos/systemd: install sysctl snippetsFlorian Klink1-11/+5
2019-08-15Revert "nixos/hardened: use graphene-hardened malloc by default"Joachim Fasting1-2/+0
2019-08-15nixos-hardened: disable unprivileged userfaultfd syscallsJoachim Fasting1-0/+3
2019-08-15nixos-hardened: enable page alloc randomizationJoachim Fasting1-0/+3
2019-08-12installer: Don't run as rootworldofpeace1-7/+20
2019-07-30nixos/hardened: make pti=on overridablePierre Bourdon1-3/+2
2019-07-19Renaming security.virtualization.flushL1DataCache to virtualisationMarek Mahut1-1/+1
2019-07-04nixos/hardened: harder inet defaultsJoachim Fasting1-0/+30
2019-07-04nixos/hardened: disable ftrace by defaultJoachim Fasting1-0/+3
2019-05-07nixos/hardened: use graphene-hardened malloc by defaultJoachim Fasting1-0/+2
2019-02-22profiles/graphical.nix: Enable pulseaudio for virtualbox appliancesElis Hirwing1-0/+4
2019-01-31types.optionSet: deprecate and remove last usagesdanbst1-1/+1
2019-01-13modules/profiles/minimal: sound is disabled by defaultProfpatsch2-2/+1
2019-01-05nixos/hardened profile: always enable ptiJoachim Fasting1-0/+3
2019-01-05nixos/hardened profile: slab/slub hardeningJoachim Fasting1-0/+6
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-03 21:20:18 +0000