about summary refs log tree commit diff
path: root/nixos/modules/security
AgeCommit message (Expand)AuthorFilesLines
2017-02-03grsecurity docs: some polishJoachim Fasting1-18/+20
2017-01-25nixos/acme: add random delay to timerFranz Pletz1-0/+2
2017-01-10apparmor: support for lxc profilesJörg Thalheim1-5/+13
2017-01-09nixos docs: update for Nginx + ACME (#21320)teh1-42/+20
2017-01-04sssd: init at 1.14.2Alexander Kahl1-1/+20
2016-12-08grsecurity doc: describe work-around for gitlabJoachim Fasting1-0/+13
2016-12-07hidepid: polkit and systemd-logind compatibilityJoachim Fasting1-0/+2
2016-12-06grsecurity: enable module hardeningJoachim Fasting1-4/+4
2016-12-06grsecurity docs: note that pax_sanitize_slab defaults to fastJoachim Fasting1-1/+1
2016-12-06grsecurity: enable optional sysfs restrictionsJoachim Fasting2-4/+8
2016-12-06grsecurity: delay toggling of sysctls until system is upJoachim Fasting1-2/+45
2016-11-29acme: ensure nginx challenges directory is writeableDomen Kožar2-1/+2
2016-11-28grsecurity module: force a known good kernel package setJoachim Fasting2-13/+33
2016-11-20grsecurity module: remove code pertaining to zfsJoachim Fasting1-14/+0
2016-11-20grsecurity module: remove requiredKernelConfigJoachim Fasting2-15/+3
2016-11-20grsecurity module: remove use of mkEnableOptionJoachim Fasting1-1/+8
2016-11-16duosec module: use enumEric Sagnes1-9/+3
2016-10-29grsecurity: fix 'isYes' and 'isNo'Timofei Kushnir1-3/+3
2016-10-21acme: we do want to support ipv4 afterallDomen Kožar1-0/+1
2016-10-21acme: provide full nginx exampleDomen Kožar1-0/+20
2016-10-15audit module: only enable service if kernel has audit (#19569)Alexander Ried1-1/+5
2016-10-09cacerts: refactor, add blacklist optionFranz Pletz1-3/+25
2016-10-03nixos.acme: make timer persistentRicardo M. Correia1-0/+1
2016-10-02grsecurity doc: note that module autoload hardening is disabledJoachim Fasting1-0/+4
2016-10-02grsecurity: make GRKERNSEC y and PAX y implicitJoachim Fasting1-2/+0
2016-10-01Merge pull request #18511 from ericsagnes/feat/remove-optionSetJoachim F2-4/+2
2016-09-19Merge branch 'rngd-wantedBy' of git://github.com/srp/nixpkgs-1Shea Levy1-1/+1
2016-09-17rngd: update modalias to match cpu typeScott R. Parish1-1/+1
2016-09-17Revert "nixos/pam: clean up generated files (no functional change) (#18580)"Thomas Tuegel1-101/+98
2016-09-16nixos/pam: Fix wrong string concatenationaszlig1-5/+5
2016-09-15hidepid module: detailed description to external docJoachim Fasting2-12/+45
2016-09-14nixos/pam: clean up generated files (no functional change) (#18580)Bjørn Forsman1-96/+99
2016-09-13sudo: Allow root to use sudo to switch groupsRoger Qiu1-1/+1
2016-09-13pam module: optionSet -> submoduleEric Sagnes1-2/+1
2016-09-13acme module: optionSet -> submoduleEric Sagnes1-2/+1
2016-09-06Merge pull request #18366 from groxxda/acme-loopFranz Pletz1-1/+2
2016-09-06security.acme: the client really needs networkingAlexander Ried1-1/+2
2016-09-06Enable the runuser command from util-linuxEelco Dolstra1-1/+20
2016-09-05grsecurity module: set nixpkgs.config.grsecurity = trueJoachim Fasting1-0/+2
2016-09-04setuid-wrappers: correctly umount the tmpfsDomen Kožar1-1/+1
2016-09-04setuid-wrappers : Prepare permissions for running wrappersKarn Kallio1-0/+1
2016-09-01Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186)Domen Kožar1-7/+27
2016-09-01Merge staging into masterTuomas Tynkkynen1-4/+12
2016-08-31audit: Disable by defaultTuomas Tynkkynen1-1/+1
2016-08-31audit service: Explicitly call auditctl to disable everythingTuomas Tynkkynen1-3/+11
2016-08-31Revert "setuid-wrappers: Update wrapper dir atomically."Domen Kožar1-20/+6
2016-08-31hidepid service: use new boot.specialFileSystemsNikolay Amiantov1-1/+1
2016-08-31setuid-wrappers: Update wrapper dir atomically.Shea Levy1-6/+20
2016-08-30Merge pull request #17822 from abbradar/systemd-mountsNikolay Amiantov1-18/+1
2016-08-29nixos manual: move chapter on grsecurity to auto-generated module docsJoachim Fasting2-0/+350
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-08 10:39:30 +0000