/run/wrappers: remove unused newgidmap,newuidmap,newgrp binaries
This commit is contained in:
parent
af72f312d3
commit
9ce7dcd57a
|
@ -2,6 +2,19 @@
|
||||||
|
|
||||||
{ lib, ... }:
|
{ lib, ... }:
|
||||||
{
|
{
|
||||||
|
# remove a few items from /run/wrappers we don't need.
|
||||||
|
# these were populated by <repo:nixos/nixpkgs:nixos/modules/programs/shadow.nix>
|
||||||
|
options.security.wrappers = lib.mkOption {
|
||||||
|
apply = lib.filterAttrs (name: _: !(builtins.elem name [
|
||||||
|
"newgidmap"
|
||||||
|
"newgrp"
|
||||||
|
"newuidmap"
|
||||||
|
# "sg"
|
||||||
|
# "su"
|
||||||
|
]));
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
# disable non-required packages like nano, perl, rsync, strace
|
# disable non-required packages like nano, perl, rsync, strace
|
||||||
environment.defaultPackages = [];
|
environment.defaultPackages = [];
|
||||||
|
|
||||||
|
@ -85,4 +98,5 @@
|
||||||
# - on x86 only: more keyboard stuff: "pcips2" "atkbd" "i8042"
|
# - on x86 only: more keyboard stuff: "pcips2" "atkbd" "i8042"
|
||||||
|
|
||||||
boot.initrd.includeDefaultModules = lib.mkDefault false;
|
boot.initrd.includeDefaultModules = lib.mkDefault false;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user