search

DavHau / nix-portable

Nix - Static, Permissionless, Installation-free, Pre-configured
MIT License
870 stars 31 forks source link

Add another ignored acl #39

Closed Jonpez2 closed 1 year ago

Jonpez2 commented 2 years ago

Removal of security.csm is never a good idea, and breaks you on GKE. So let's not!

Jonpez2 commented 1 year ago

Yeah this is no longer needed as we upstreamed it into nix itself.

On Wed, 11 Jan 2023 at 20:29, Jörg Thalheim @.***> wrote:

@.**** commented on this pull request.

In default.nix https://github.com/DavHau/nix-portable/pull/39#discussion_r1067429020:

@@ -139,7 +138,7 @@ let

   echo "build-users-group = " > \$dir/conf/nix.conf
   echo "experimental-features = nix-command flakes" >> \$dir/conf/nix.conf
  • echo "ignored-acls = security.selinux system.nfs4_acl" >> \$dir/conf/nix.conf
  • echo "ignored-acls = security.selinux system.nfs4_acl security.csm" >> \$dir/conf/nix.conf

Is this setting really needed? reading the nix source code this list seems to be blocked by default already.

— Reply to this email directly, view it on GitHub https://github.com/DavHau/nix-portable/pull/39#pullrequestreview-1244570515, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABN425O4YLHROQYLN3OPT5LWR4J3RANCNFSM5V3CL74A . You are receiving this because you authored the thread.Message ID: @.***>