summary refs log tree commit diff
path: root/nixos/modules/security
Commit message (Expand)AuthorAge
* nixos/sudo: Add myself as maintainernicoo2023-09-18
* nixos/sudo: Generate `sudo-i` PAM config for interactive use of `sudo-rs`nicoo2023-09-18
* nixos/sudo: Only wrap `sudoedit` when using Miller's sudonicoo2023-09-18
* nixos/{sudo, terminfo}: Adjust defaults for compatibility with `sudo-rs`nicoo2023-09-18
* nixos/sudo: Check syntax using the configured packagenicoo2023-09-18
* nixos/sudo: Drop the sudoers comment for `extraRules`nicoo2023-09-18
* nixos/sudo: Make the default rules' options configurablenicoo2023-09-18
* nixos/sudo: Handle `root`'s default rule through `extraRules`nicoo2023-09-18
* nixos/sudo: Drop useless `lib.` qualifiersnicoo2023-09-18
* nixos/sudo: Refactor checks for Todd C. Miller's implemetationnicoo2023-09-18
* nixos/sudo: Refactor option definitionsnicoo2023-09-18
* nixos/sudo: Only keep SSH_AUTH_SOCK if used for authenticationnicoo2023-09-18
* nixos/sudo: Don't include empty sectionsnicoo2023-09-18
* nixos/sudo: Split up `configFile` into individual sectionsnicoo2023-09-18
* nixos/acme: rename option credentialsFile to environmentFiledatafoo2023-09-11
* nixos/acme: add option to set credential filesdatafoo2023-09-11
* nixos/pam: fix typo in fscrypt enable optionmib2023-09-11
* Merge pull request #251770 from robryk/suidwrapapparmPierre Bourdon2023-09-10
|\
| * nixos/security/wrappers: remove all the assertions about readlink(/proc/self/...Robert Obryk2023-08-27
| * nixos/security/wrappers: read capabilities off /proc/self/exe directlyRobert Obryk2023-08-27
| * nixos/security/wrappers: stop using `.real` filesRobert Obryk2023-08-27
| * nixos/security/wrappers: generate a separate and more complete apparmor polic...Robert Obryk2023-08-27
* | security/acme: limit concurrent certificate generationsOliver Schmidt2023-09-09
* | nixos/sudo: Guard against `security.sudo.package = pkgs.sudo-rs;`nicoo2023-09-04
|/
* Revert "nixos/security/wrappers: simplifications and a fix for #98863"Pierre Bourdon2023-08-24
* nixos/security/wrappers: remove all the assertions about readlink(/proc/self/...Robert Obryk2023-08-16
* nixos/security/wrappers: read capabilities off /proc/self/exe directlyRobert Obryk2023-08-16
* nixos/security/wrappers: stop using `.real` filesRobert Obryk2023-08-16
* security/pam: add umask option to configure pam_mkhomedirAaron Andersen2023-08-10
* Merge pull request #231673 from symphorien/suid_wrappers_usernsRyan Lahfa2023-08-10
|\
| * nixos/wrappers: allow setuid and setgid wrappers to run in user namespacesGuillaume Girol2023-08-09
* | treewide: stop using types.stringLin Jian2023-08-08
* | Merge pull request #242538 from tnias/fix/apparmorajs1242023-08-04
|\ \
| * | nixos/apparmor: support custom i18n glibc localesPhilipp Bartsch2023-07-12
| * | nixos/apparmor: fix syntax in abstractions/bashPhilipp Bartsch2023-07-09
| * | nixos/apparmor: add missing abstraction/nss-systemdPhilipp Bartsch2023-07-09
| * | nixos/apparmor: make abstractions/ssl_certs more go friendlyPhilipp Bartsch2023-07-08
| |/
* | pam_dp9ik: init at 1.5Jacob Moody2023-07-09
* | nixos/qemu-vm: use CA certificates from hostMichael Hoang2023-07-06
|/
* treewide: use optional instead of 'then []'Felix Buehler2023-06-25
* nixos/pam: support KanidmMax2023-06-11
* nixos/pam_mount: fix mounts without options (#234026)Jenny2023-05-25
* nixos/pam_mount: fix cryptmount options (#232873)Jenny2023-05-20
* Merge pull request #231316 from hercules-ci/nixos-system.checksRobert Hensing2023-05-15
|\
| * nixos: Use checks instead of extraDependenciesRobert Hensing2023-05-11
* | Merge pull request #231954 from mac-chaffee/acme-ipv6Nick Cao2023-05-15
|\ \
| * | security/acme: Fix listenHTTP bug with IPv6 addressesMac Chaffee2023-05-14
* | | nixos/pam: fix ZFS support assertionRaito Bezarius2023-05-15
* | | nixos/pam: assert ZFS support for PAM moduleNicola Squartini2023-05-15
* | | nixos/pam: improve documentation of ZFS moduleNicola Squartini2023-05-15
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-04 21:49:24 +0000