mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-27 01:13:05 +00:00
6feb61233b
Currently, kernel config options whose value is "yes" always override options whose value is "no". This is not always desired. Generally speaking, if someone defines an option to have the value "no", presumably they are disabling the option for a reason, so it's not always OK to silently enable it due to another, probably unrelated reason. For example, a user may want to reduce the kernel attack surface and therefore may want to disable features that are being enabled in common-config.nix. In fact, common-config.nix was already silently enabling options that were intended to be disabled in hardened/config.nix for security reasons, such as INET_DIAG. By eliminating the custom merge function, these config options will now use the default module option merge functions which make sure that all options with the highest priority have the same value. A user that wishes to override an option defined in common-config.nix can currently use mkForce or mkOverride to do so, e.g.: BINFMT_MISC = mkForce (option no); That said, this is not going to be necessary in the future, because the plan is for kernel config options defined in nixpkgs to use a lower priority by default, like it currently happens for other module options. |
||
---|---|---|
.. | ||
loader | ||
binfmt.nix | ||
emergency-mode.nix | ||
grow-partition.nix | ||
initrd-network.nix | ||
initrd-openvpn.nix | ||
initrd-ssh.nix | ||
kernel_config.nix | ||
kernel.nix | ||
kexec.nix | ||
luksroot.nix | ||
modprobe.nix | ||
networkd.nix | ||
pbkdf2-sha512.c | ||
plymouth.nix | ||
resolved.nix | ||
shutdown.nix | ||
stage-1-init.sh | ||
stage-1.nix | ||
stage-2-init.sh | ||
stage-2.nix | ||
systemd-lib.nix | ||
systemd-nspawn.nix | ||
systemd-unit-options.nix | ||
systemd.nix | ||
timesyncd.nix | ||
tmp.nix |