nixpkgs/nixos/modules/services
Lin Jian 759ec1113d
nixos/network-interfaces: stop wrapping ping with cap_net_raw
From systemd 243 release note[1]:

This release enables unprivileged programs (i.e. requiring neither
setuid nor file capabilities) to send ICMP Echo (i.e. ping) requests
by turning on the "net.ipv4.ping_group_range" sysctl of the Linux
kernel for the whole UNIX group range, i.e. all processes.

So this wrapper is not needed any more.

See also [2] and [3].

This patch also removes:
- apparmor profiles in NixOS for ping itself and the wrapped one
- other references for the wrapped ping

[1]: 8e2d9d40b3/NEWS (L6457-L6464)
[2]: https://github.com/systemd/systemd/pull/13141
[3]: https://fedoraproject.org/wiki/Changes/EnableSysctlPingGroupRange
2023-09-21 16:52:16 +08:00
..
admin
amqp
audio nixos/tts: fix error messages read before text 2023-08-25 09:48:46 +02:00
backup Merge pull request #251062 from ajs124/restic-wrapper-script 2023-09-09 19:11:33 +02:00
blockchain/ethereum
cluster treewide: stop using types.string 2023-08-08 21:31:21 +08:00
computing nixos/boinc: add boinc-headless example to package option 2023-07-18 21:47:12 +01:00
continuous-integration Merge pull request #249964 from ambroisie/woodpecker-improvements 2023-09-09 19:30:34 +02:00
databases nixos/surrealdb: incorporate beta 10 changes 2023-09-07 08:57:41 +00:00
desktops nixos: fix typos 2023-05-19 22:31:04 -04:00
development zammad: link test in passthru.tests 2023-05-17 16:06:50 +02:00
display-managers
editors emacs: remove outdated doc about package initialization 2023-08-25 10:22:30 +00:00
finance odoo: 15.20230317 -> 16.20230722 2023-08-26 10:22:57 +02:00
games Merge pull request #250100 from NixOS/ioquake3/update 2023-08-19 12:31:33 +02:00
hardware nixos/auto-cpufreq: Add nicoo to maintainers 2023-09-13 10:25:53 +00:00
home-automation nixos/network-interfaces: stop wrapping ping with cap_net_raw 2023-09-21 16:52:16 +08:00
logging nixos/logrotate: add extraArgs option 2023-09-05 16:04:07 +02:00
mail nixos/listmonk: fixing datatype of options 2023-09-09 15:21:32 +02:00
matrix nixos/synapse: make sure workers require main process 2023-09-18 10:52:54 +02:00
misc Merge pull request #255145 from BuonHobo/patch-1 2023-09-16 12:00:21 -06:00
monitoring Merge pull request #255179 from Ma27/rm-grafana-migration-error 2023-09-17 13:44:33 +02:00
network-filesystems Merge pull request #246029 from ehmry/eris-go 2023-08-08 06:18:03 +02:00
networking nixos/frp: init 2023-09-17 14:37:19 +08:00
printing cups: add xdg-open as dependency package as substitution does not work 2023-07-13 15:37:00 +02:00
scheduling treewide: use optionalString instead of 'then ""' 2023-06-24 20:19:19 +02:00
search nixos/typesense: init at 0.24.1 2023-07-22 16:38:13 +02:00
security nixos/kanidm: fix broken doc links 2023-08-31 14:03:30 +03:00
system nixos/zram-generator: drop outdated comments 2023-08-24 08:47:19 +08:00
torrent nixos/deluge: fix typo 2023-05-09 18:02:17 +04:00
tracing nixos/tempo: add extraFlags option 2023-08-14 18:07:24 +02:00
ttys treewide: rename fonts.fonts to fonts.packages 2023-07-24 17:34:39 +02:00
video nixos/mediamtx: refactor 2023-08-10 20:16:11 +02:00
wayland nixos/cage: add environment config 2023-05-28 23:36:22 +02:00
web-apps nixos/mobilizon: migrate to mdDoc 2023-09-14 07:53:23 +00:00
web-servers nixos/caddy: ensure vhosts come after user-specified cfg.extraConfig 2023-09-18 11:12:19 +02:00
x11 oroborus: remove 2023-09-11 01:56:45 +00:00