diff options
author | Joachim Fasting <joachifm@fastmail.fm> | 2015-03-17 11:04:31 +0100 |
---|---|---|
committer | Joachim Fasting <joachifm@fastmail.fm> | 2015-03-18 12:07:43 +0100 |
commit | 532337d67324c13c0231f5d39b0d0ae099902df1 (patch) | |
tree | 557ee4537db7dba02d9ab64dcdf605fa97db333c /nixos/modules/security/apparmor.nix | |
parent | 7a9a24a95e70f10ebd90eda94f08508f03942963 (diff) | |
download | nixpkgs-532337d67324c13c0231f5d39b0d0ae099902df1.tar nixpkgs-532337d67324c13c0231f5d39b0d0ae099902df1.tar.gz nixpkgs-532337d67324c13c0231f5d39b0d0ae099902df1.tar.bz2 nixpkgs-532337d67324c13c0231f5d39b0d0ae099902df1.tar.lz nixpkgs-532337d67324c13c0231f5d39b0d0ae099902df1.tar.xz nixpkgs-532337d67324c13c0231f5d39b0d0ae099902df1.tar.zst nixpkgs-532337d67324c13c0231f5d39b0d0ae099902df1.zip |
Cleanup AppArmor module
Remove excessive whitespace & comment sections
Diffstat (limited to 'nixos/modules/security/apparmor.nix')
-rw-r--r-- | nixos/modules/security/apparmor.nix | 18 |
1 files changed, 3 insertions, 15 deletions
diff --git a/nixos/modules/security/apparmor.nix b/nixos/modules/security/apparmor.nix index 92f020edce5..4fef62cbffd 100644 --- a/nixos/modules/security/apparmor.nix +++ b/nixos/modules/security/apparmor.nix @@ -6,37 +6,26 @@ let in { - #### interface options = { - security.apparmor = { - enable = mkOption { type = types.bool; default = false; description = "Enable the AppArmor Mandatory Access Control system."; }; - profiles = mkOption { type = types.listOf types.path; default = []; description = "List of files containing AppArmor profiles."; }; - }; - }; - #### implementation config = mkIf cfg.enable { - - environment.systemPackages = [ - pkgs.apparmor-utils - ]; + environment.systemPackages = [ pkgs.apparmor-utils ]; systemd.services.apparmor = { wantedBy = [ "local-fs.target" ]; - serviceConfig = { Type = "oneshot"; RemainAfterExit = "yes"; @@ -50,12 +39,11 @@ in }; security.pam.services.apparmor.text = '' - ## The AppArmor service changes hats according to order: first try - ## user, then group, and finally fall back to a hat called "DEFAULT" + ## AppArmor changes hats according to `order`: first try user, then + ## group, and finally fall back to a hat called "DEFAULT" ## ## For now, enable debugging as this is an experimental feature. session optional ${pkgs.apparmor-pam}/lib/security/pam_apparmor.so order=user,group,default debug ''; - }; } |