diff options
| author | Julien Moutinho <julm+nixpkgs@sourcephile.fr> | 2020-10-18 15:36:24 +0200 |
|---|---|---|
| committer | Julien Moutinho <julm+nixpkgs@sourcephile.fr> | 2021-04-23 07:17:55 +0200 |
| commit | 05d334cfe265f021b16c41375e3e5a4c4a07fc74 (patch) | |
| tree | 0d00c946f6f9ed0492ec74725261a44d59bfd067 /nixos/modules/config | |
| parent | d239bc36439f4f1457c5c70ad59f8a737989d79a (diff) | |
| download | nixpkgs-05d334cfe265f021b16c41375e3e5a4c4a07fc74.tar nixpkgs-05d334cfe265f021b16c41375e3e5a4c4a07fc74.tar.gz nixpkgs-05d334cfe265f021b16c41375e3e5a4c4a07fc74.tar.bz2 nixpkgs-05d334cfe265f021b16c41375e3e5a4c4a07fc74.tar.lz nixpkgs-05d334cfe265f021b16c41375e3e5a4c4a07fc74.tar.xz nixpkgs-05d334cfe265f021b16c41375e3e5a4c4a07fc74.tar.zst nixpkgs-05d334cfe265f021b16c41375e3e5a4c4a07fc74.zip | |
Revert "Revert "apparmor: fix and improve the service""
This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c.
Diffstat (limited to 'nixos/modules/config')
| -rw-r--r-- | nixos/modules/config/fonts/fontconfig.nix | 34 | ||||
| -rw-r--r-- | nixos/modules/config/malloc.nix | 7 |
2 files changed, 41 insertions, 0 deletions
diff --git a/nixos/modules/config/fonts/fontconfig.nix b/nixos/modules/config/fonts/fontconfig.nix index 6e7b8c4b88a..72827c5abaa 100644 --- a/nixos/modules/config/fonts/fontconfig.nix +++ b/nixos/modules/config/fonts/fontconfig.nix @@ -448,6 +448,40 @@ in (mkIf cfg.enable { environment.systemPackages = [ pkgs.fontconfig ]; environment.etc.fonts.source = "${fontconfigEtc}/etc/fonts/"; + security.apparmor.includes."abstractions/fonts" = '' + # fonts.conf + r ${pkg.out}/etc/fonts/fonts.conf, + + # fontconfig default config files + r ${pkg.out}/etc/fonts/conf.d/*.conf, + + # 00-nixos-cache.conf + r ${cacheConf}, + + # 10-nixos-rendering.conf + r ${renderConf}, + + # 50-user.conf + ${optionalString cfg.includeUserConf '' + r ${pkg.out}/etc/fonts/conf.d.bak/50-user.conf, + ''} + + # local.conf (indirect priority 51) + ${optionalString (cfg.localConf != "") '' + r ${localConf}, + ''} + + # 52-nixos-default-fonts.conf + r ${defaultFontsConf}, + + # 53-no-bitmaps.conf + r ${rejectBitmaps}, + + ${optionalString (!cfg.allowType1) '' + # 53-nixos-reject-type1.conf + r ${rejectType1}, + ''} + ''; }) (mkIf cfg.enable { fonts.fontconfig.confPackages = [ confPkg ]; diff --git a/nixos/modules/config/malloc.nix b/nixos/modules/config/malloc.nix index a3eb55d8a42..fc35993b5a8 100644 --- a/nixos/modules/config/malloc.nix +++ b/nixos/modules/config/malloc.nix @@ -87,5 +87,12 @@ in environment.etc."ld-nix.so.preload".text = '' ${providerLibPath} ''; + security.apparmor.includes = { + "abstractions/base" = '' + r /etc/ld-nix.so.preload, + r ${config.environment.etc."ld-nix.so.preload".source}, + mr ${providerLibPath}, + ''; + }; }; } |