summary refs log tree commit diff
path: root/nixos/doc/manual/configuration/profiles/hardened.xml
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/doc/manual/configuration/profiles/hardened.xml')
-rw-r--r--nixos/doc/manual/configuration/profiles/hardened.xml8
1 files changed, 5 insertions, 3 deletions
diff --git a/nixos/doc/manual/configuration/profiles/hardened.xml b/nixos/doc/manual/configuration/profiles/hardened.xml
index b3b433792f5..dc83fc837e2 100644
--- a/nixos/doc/manual/configuration/profiles/hardened.xml
+++ b/nixos/doc/manual/configuration/profiles/hardened.xml
@@ -1,22 +1,24 @@
-
 <section xmlns="http://docbook.org/ns/docbook"
          xmlns:xlink="http://www.w3.org/1999/xlink"
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-profile-hardened">
  <title>Hardened</title>
+
  <para>
   A profile with most (vanilla) hardening options enabled by default,
   potentially at the cost of features and performance.
  </para>
+
  <para>
   This includes a hardened kernel, and limiting the system information
   available to processes through the <filename>/sys</filename> and
   <filename>/proc</filename> filesystems. It also disables the User Namespaces
   feature of the kernel, which stops Nix from being able to build anything
   (this particular setting can be overriden via
-  <xref linkend="opt-security.allowUserNamespaces"/>). See the <literal
+  <xref linkend="opt-security.allowUserNamespaces"/>). See the
+  <literal
    xlink:href="https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix">
-   profile source</literal> for further detail on which settings are altered.
+  profile source</literal> for further detail on which settings are altered.
  </para>
 </section>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-13 04:38:50 +0000