diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-01-01 16:58:35 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-01-01 16:58:35 +0100 |
commit | a795521d96a28564d0826d717d5e281f405e3889 (patch) | |
tree | 53929620acd2e1174a97bf37b8345a71c91778b0 /hosts/vidhar/prometheus/default.nix | |
parent | 1e50023af2505e7a5fbad350d0c8a666e78d4fb9 (diff) | |
download | nixos-a795521d96a28564d0826d717d5e281f405e3889.tar nixos-a795521d96a28564d0826d717d5e281f405e3889.tar.gz nixos-a795521d96a28564d0826d717d5e281f405e3889.tar.bz2 nixos-a795521d96a28564d0826d717d5e281f405e3889.tar.xz nixos-a795521d96a28564d0826d717d5e281f405e3889.zip |
...
Diffstat (limited to 'hosts/vidhar/prometheus/default.nix')
-rw-r--r-- | hosts/vidhar/prometheus/default.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix index 98f0a90d..863b77fe 100644 --- a/hosts/vidhar/prometheus/default.nix +++ b/hosts/vidhar/prometheus/default.nix | |||
@@ -225,7 +225,7 @@ in { | |||
225 | ProtectKernelTunables = true; | 225 | ProtectKernelTunables = true; |
226 | ProtectSystem = "strict"; | 226 | ProtectSystem = "strict"; |
227 | RemoveIPC = true; | 227 | RemoveIPC = true; |
228 | RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; | 228 | RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_NETLINK" ]; |
229 | RestrictNamespaces = true; | 229 | RestrictNamespaces = true; |
230 | RestrictRealtime = true; | 230 | RestrictRealtime = true; |
231 | RestrictSUIDSGID = true; | 231 | RestrictSUIDSGID = true; |