diff options
author | Ben Wolsieffer <benwolsieffer@gmail.com> | 2023-10-10 04:13:29 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-10 10:13:29 +0200 |
commit | b6876d5c8613c02177feb059e15ec6549e72e379 (patch) | |
tree | 23f869f1d6df8b17a2d930618c3999d36cc9cb77 /nixos/modules/security | |
parent | 21de4a64c06cbef52ca16cb071300b74de6a15dc (diff) | |
download | nixpkgs-b6876d5c8613c02177feb059e15ec6549e72e379.tar nixpkgs-b6876d5c8613c02177feb059e15ec6549e72e379.tar.gz nixpkgs-b6876d5c8613c02177feb059e15ec6549e72e379.tar.bz2 nixpkgs-b6876d5c8613c02177feb059e15ec6549e72e379.tar.lz nixpkgs-b6876d5c8613c02177feb059e15ec6549e72e379.tar.xz nixpkgs-b6876d5c8613c02177feb059e15ec6549e72e379.tar.zst nixpkgs-b6876d5c8613c02177feb059e15ec6549e72e379.zip |
nixos/security/wrappers: don't force PIE hardening (#259509)
PIE causes problems with static binaries on ARM (see 76552e9). It is enabled by default on other platforms anyway when musl is used, so we don't need to specify it manually.
Diffstat (limited to 'nixos/modules/security')
-rw-r--r-- | nixos/modules/security/wrappers/wrapper.nix | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/nixos/modules/security/wrappers/wrapper.nix b/nixos/modules/security/wrappers/wrapper.nix index da2fca98d5c..27d46c630af 100644 --- a/nixos/modules/security/wrappers/wrapper.nix +++ b/nixos/modules/security/wrappers/wrapper.nix @@ -5,7 +5,6 @@ stdenv.mkDerivation { name = "security-wrapper"; buildInputs = [ linuxHeaders ]; dontUnpack = true; - hardeningEnable = [ "pie" ]; CFLAGS = [ ''-DSOURCE_PROG="${sourceProg}"'' ] ++ (if debug then [ |