Admins will be upgrading ORNL GitLab Servers on Saturday, 16 May 2026, from 7 AM until 11 AM EST. Repositories will experience intermittent outages during this time.

Unverified Commit dc5fa53b authored Oct 27, 2022 by Sandro Jäckel Committed by GitHub Oct 27, 2022

Merge pull request #197657 from MidAutumnMoon/go-119-services-fix

parents 6bcc077a d3a95ce3

nixos/modules/services/mail/listmonk.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -202,7 +202,7 @@ in {
		NoNewPrivileges = true;
		CapabilityBoundingSet = "";
		SystemCallArchitecture = "native";
		SystemCallFilter = [ "@system-service" "~@privileged" "@resources" ];
		SystemCallFilter = [ "@system-service" "~@privileged" ];
		ProtectDevices = true;
		ProtectControlGroups = true;
		ProtectKernelTunables = true;

nixos/modules/services/networking/croc.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -72,7 +72,7 @@ in
		RuntimeDirectoryMode = "700";
		SystemCallFilter = [
		"@system-service"
		"~@aio" "~@keyring" "~@memlock" "~@privileged" "~@resources" "~@setuid" "~@sync" "~@timer"
		"~@aio" "~@keyring" "~@memlock" "~@privileged" "~@setuid" "~@sync" "~@timer"
		];
		SystemCallArchitectures = "native";
		SystemCallErrorNumber = "EPERM";

nixos/modules/services/web-apps/galene.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -191,7 +191,7 @@ in
		RestrictRealtime = true;
		RestrictSUIDSGID = true;
		SystemCallArchitectures = "native";
		SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
		SystemCallFilter = [ "@system-service" "~@privileged" ];
		UMask = "0077";
		}
		];