mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-30 19:02:57 +00:00
nixos/confinement: Use PrivateMounts option
So far we had MountFlags = "private", but as @Infinisil has correctly noticed, there is a dedicated PrivateMounts option, which does exactly that and is better integrated than providing raw mount flags. When checking for the reason why I used MountFlags instead of PrivateMounts, I found that at the time I wrote the initial version of this module (Mar 12 06:15:58 2018 +0100) the PrivateMounts option didn't exist yet and has been added to systemd in Jun 13 08:20:18 2018 +0200. Signed-off-by: aszlig <aszlig@nix.build>
This commit is contained in:
parent
861a1cec60
commit
52299bccf5
@ -107,7 +107,7 @@ in {
|
|||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
RootDirectory = pkgs.runCommand rootName {} "mkdir \"$out\"";
|
RootDirectory = pkgs.runCommand rootName {} "mkdir \"$out\"";
|
||||||
TemporaryFileSystem = "/";
|
TemporaryFileSystem = "/";
|
||||||
MountFlags = lib.mkDefault "private";
|
PrivateMounts = lib.mkDefault true;
|
||||||
|
|
||||||
# https://github.com/NixOS/nixpkgs/issues/14645 is a future attempt
|
# https://github.com/NixOS/nixpkgs/issues/14645 is a future attempt
|
||||||
# to change some of these to default to true.
|
# to change some of these to default to true.
|
||||||
|
Loading…
Reference in New Issue
Block a user