mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-17 15:22:59 +01:00
904f68fb0f
The security.wrappers option is morally a set of submodules but it's actually (un)typed as a generic attribute set. This is bad for several reasons: 1. Some of the "submodule" option are not document; 2. the default values are not documented and are chosen based on somewhat bizarre rules (issue #23217); 3. It's not possible to override an existing wrapper due to the dumb types.attrs.merge strategy; 4. It's easy to make mistakes that will go unnoticed, which is really bad given the sensitivity of this module (issue #47839). This makes the option a proper set of submodule and add strict types and descriptions to every sub-option. Considering it's not yet clear if the way the default values are picked is intended, this reproduces the current behavior, but it's now documented explicitly. |
||
|---|---|---|
| .. | ||
| apparmor | ||
| wrappers | ||
| acme.nix | ||
| acme.xml | ||
| apparmor.nix | ||
| audit.nix | ||
| auditd.nix | ||
| ca.nix | ||
| chromium-suid-sandbox.nix | ||
| dhparams.nix | ||
| doas.nix | ||
| duosec.nix | ||
| google_oslogin.nix | ||
| lock-kernel-modules.nix | ||
| misc.nix | ||
| oath.nix | ||
| pam.nix | ||
| pam_mount.nix | ||
| pam_usb.nix | ||
| polkit.nix | ||
| rngd.nix | ||
| rtkit.nix | ||
| sudo.nix | ||
| systemd-confinement.nix | ||
| tpm2.nix | ||