nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-04-16 14:48:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

nixos/mastodon/streaming: add '@memlock' SystemCallFilter

Browse Source
This commit is contained in:
Izorkin 2021-05-12 11:41:11 +03:00 committed by Kerstin
parent 91e510ae22
commit a71576b07b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/services/web-apps/mastodon.nix
View File

@ -521,7 +521,7 @@ in {
RuntimeDirectory = "mastodon-streaming";
RuntimeDirectoryMode = "0750";
# System Call Filtering
SystemCallFilter = [ ("~" + lib.concatStringsSep " " (systemCallsList ++ [ "@resources" ])) "pipe" "pipe2" ];
SystemCallFilter = [ ("~" + lib.concatStringsSep " " (systemCallsList ++ [ "@memlock" "@resources" ])) "pipe" "pipe2" ];
} // cfgService;
};