aboutsummaryrefslogtreecommitdiff
path: root/infra/libkookie/nixpkgs/nixos/modules/security/hidepid.nix
diff options
context:
space:
mode:
Diffstat (limited to 'infra/libkookie/nixpkgs/nixos/modules/security/hidepid.nix')
-rw-r--r--infra/libkookie/nixpkgs/nixos/modules/security/hidepid.nix4
1 files changed, 4 insertions, 0 deletions
diff --git a/infra/libkookie/nixpkgs/nixos/modules/security/hidepid.nix b/infra/libkookie/nixpkgs/nixos/modules/security/hidepid.nix
index 55a48ea3c9c6..4953f517e93b 100644
--- a/infra/libkookie/nixpkgs/nixos/modules/security/hidepid.nix
+++ b/infra/libkookie/nixpkgs/nixos/modules/security/hidepid.nix
@@ -23,5 +23,9 @@ with lib;
boot.specialFileSystems."/proc".options = [ "hidepid=2" "gid=${toString config.ids.gids.proc}" ];
systemd.services.systemd-logind.serviceConfig.SupplementaryGroups = [ "proc" ];
+
+ # Disable cgroupsv2, which doesn't work with hidepid.
+ # https://github.com/NixOS/nixpkgs/pull/104094#issuecomment-729996203
+ systemd.enableUnifiedCgroupHierarchy = false;
};
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 17:18:19 +0000