nix-bitcoin/modules/presets/hardened.nix

{
  imports = [
    # Source: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix
    <nixpkgs/nixos/modules/profiles/hardened.nix>
  ];

  ## Reset some options set by the hardened profile

  # Needed for sandboxed builds and services
  security.allowUserNamespaces = true;

  # The "scudo" allocator is broken on NixOS >= 20.09
  environment.memoryAllocator.provider = "libc";
}
fix 'hardened' profile for NixOS 20.09 The 'scudo' memory allocator set by the 'hardened' profile breaks some services on 20.09. The fix for NixOS unstable (https://github.com/NixOS/nixpkgs/pull/104052) is ineffective on 20.09. As a workaround, add a custom 'hardened' preset that uses the default allocator. 2020-12-16 09:57:57 -08:00			`{`
			`imports = [`
			`# Source: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix`
			`<nixpkgs/nixos/modules/profiles/hardened.nix>`
			`];`

			`## Reset some options set by the hardened profile`

			`# Needed for sandboxed builds and services`
			`security.allowUserNamespaces = true;`

update to NixOS 21.05 2021-08-04 15:48:56 -07:00			`# The "scudo" allocator is broken on NixOS >= 20.09`
fix 'hardened' profile for NixOS 20.09 The 'scudo' memory allocator set by the 'hardened' profile breaks some services on 20.09. The fix for NixOS unstable (https://github.com/NixOS/nixpkgs/pull/104052) is ineffective on 20.09. As a workaround, add a custom 'hardened' preset that uses the default allocator. 2020-12-16 09:57:57 -08:00			`environment.memoryAllocator.provider = "libc";`
			`}`