Merge pull request #18 from boinkor-net/fix-protect-proc

nixos: set systemd service's ProtectProc setting to "noaccess"
boinkor-net · Aug 11, 2023 · 6b1d972 · 6b1d972
2 parents d2a0f93 + 201d4a5
commit 6b1d972
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/nixos/default.nix b/nixos/default.nix
@@ -188,7 +188,7 @@
               ProtectClock = true;
               ProtectControlGroups = true;
               ProtectHome = true;
-              ProtectProc = true;
+              ProtectProc = "noaccess";
               ProtectKernelModules = true;
               ProtectHostname = true;
               ProtectKernelLogs = true;