Loading nixos/modules/services/web-apps/gerrit.nix +3 −1 Original line number Diff line number Diff line Loading @@ -232,10 +232,12 @@ in AmbientCapabilities = ""; CapabilityBoundingSet = ""; LockPersonality = true; MountAPIVFS = true; NoNewPrivileges = true; PrivateDevices = true; PrivateMounts = true; PrivateTmp = true; PrivateUsers = true; ProtectClock = true; ProtectControlGroups = "strict"; ProtectHome = true; Loading @@ -243,7 +245,7 @@ in ProtectKernelLogs = true; ProtectKernelModules = true; ProtectKernelTunables = true; ProtectProc = "noaccess"; ProtectProc = "invisible"; ProtectSystem = "full"; RestrictAddressFamilies = [ "AF_UNIX" Loading Loading
nixos/modules/services/web-apps/gerrit.nix +3 −1 Original line number Diff line number Diff line Loading @@ -232,10 +232,12 @@ in AmbientCapabilities = ""; CapabilityBoundingSet = ""; LockPersonality = true; MountAPIVFS = true; NoNewPrivileges = true; PrivateDevices = true; PrivateMounts = true; PrivateTmp = true; PrivateUsers = true; ProtectClock = true; ProtectControlGroups = "strict"; ProtectHome = true; Loading @@ -243,7 +245,7 @@ in ProtectKernelLogs = true; ProtectKernelModules = true; ProtectKernelTunables = true; ProtectProc = "noaccess"; ProtectProc = "invisible"; ProtectSystem = "full"; RestrictAddressFamilies = [ "AF_UNIX" Loading
