diff options
-rw-r--r-- | hosts/vidhar/prometheus/default.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix index 98f0a90d..863b77fe 100644 --- a/hosts/vidhar/prometheus/default.nix +++ b/hosts/vidhar/prometheus/default.nix | |||
@@ -225,7 +225,7 @@ in { | |||
225 | ProtectKernelTunables = true; | 225 | ProtectKernelTunables = true; |
226 | ProtectSystem = "strict"; | 226 | ProtectSystem = "strict"; |
227 | RemoveIPC = true; | 227 | RemoveIPC = true; |
228 | RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; | 228 | RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_NETLINK" ]; |
229 | RestrictNamespaces = true; | 229 | RestrictNamespaces = true; |
230 | RestrictRealtime = true; | 230 | RestrictRealtime = true; |
231 | RestrictSUIDSGID = true; | 231 | RestrictSUIDSGID = true; |