Loading nixos/modules/security/apparmor/includes.nix +7 −0 Original line number Diff line number Diff line Loading @@ -431,6 +431,13 @@ in "abstractions/python" = '' include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/python" ''; "abstractions/golang" = '' # Container-aware GOMAXPROCS owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/cgroup r, @{sys}/fs/cgroup/**/{cpu.cfs_quota_us,cpu.cfs_period_us} r, # V1 @{sys}/fs/cgroup/**/cpu.max r, # V2 ''; "abstractions/qt5" = '' include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/qt5" '' Loading nixos/modules/services/web-apps/miniflux.nix +1 −1 Original line number Diff line number Diff line Loading @@ -212,9 +212,9 @@ in include <abstractions/base> include <abstractions/nameservice> include <abstractions/ssl_certs> include <abstractions/golang> include "${pkgs.apparmorRulesFromClosure { name = "miniflux"; } cfg.package}" r ${cfg.package}/bin/miniflux, r @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size, rw /run/miniflux/**, } ''; Loading Loading
nixos/modules/security/apparmor/includes.nix +7 −0 Original line number Diff line number Diff line Loading @@ -431,6 +431,13 @@ in "abstractions/python" = '' include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/python" ''; "abstractions/golang" = '' # Container-aware GOMAXPROCS owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/cgroup r, @{sys}/fs/cgroup/**/{cpu.cfs_quota_us,cpu.cfs_period_us} r, # V1 @{sys}/fs/cgroup/**/cpu.max r, # V2 ''; "abstractions/qt5" = '' include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/qt5" '' Loading
nixos/modules/services/web-apps/miniflux.nix +1 −1 Original line number Diff line number Diff line Loading @@ -212,9 +212,9 @@ in include <abstractions/base> include <abstractions/nameservice> include <abstractions/ssl_certs> include <abstractions/golang> include "${pkgs.apparmorRulesFromClosure { name = "miniflux"; } cfg.package}" r ${cfg.package}/bin/miniflux, r @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size, rw /run/miniflux/**, } ''; Loading
