Toast/nix-stuff
1
0
Fork 0
Code Issues Pull requests Projects 1 Wiki Activity

Revert "Flake: add nixpkgs patch to fix rtkit"

Browse source 
This reverts commit 13c1d5864d.
This commit is contained in:
Toast 2025-11-01 18:44:01 +01:00
parent 03b73e7090
commit d916c8f36a
2 changed files with 0 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -101,7 +101,6 @@
name = "patched-nixpkgs-unstable"; name = "patched-nixpkgs-unstable";
src = nixpkgs-unstable-raw; src = nixpkgs-unstable-raw;
patches = [ patches = [
./nixpkgs-patches/pr455128.patch
]; ];
}; };
nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches { nixpkgs-patched = nixpkgs-raw.legacyPackages.x86_64-linux.applyPatches {

22
nixpkgs-patches/pr455128.patch
View file

@ -1,22 +0,0 @@
From 2e9d838795edcec2b79dda0284acf27ee34b1ecc Mon Sep 17 00:00:00 2001
From: h7x4 <h7x4@nani.wtf>
Date: Fri, 24 Oct 2025 14:24:14 +0900
Subject: [PATCH] nixos/rtkit: fix hardening
---
nixos/modules/security/rtkit.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/nixos/modules/security/rtkit.nix b/nixos/modules/security/rtkit.nix
index d7c6df17f03b9..f2cd256468da9 100644
--- a/nixos/modules/security/rtkit.nix
+++ b/nixos/modules/security/rtkit.nix
@@ -64,7 +64,7 @@ in
];
# Needs to verify the user of the processes.
- PrivateUsers = "full";
+ PrivateUsers = false;
# Needs to access other processes to modify their scheduling modes.
ProcSubset = "all";
ProtectProc = "default";