Merge pull request #6624 from joachifm/grsec-lock

nixos: grsec-lock service fixes

nixos/modules/security/grsecurity.nix

@@ -286,10 +286,11 @@ in
 
     systemd.services.grsec-lock = mkIf cfg.config.sysctl {
       description     = "grsecurity sysctl-lock Service";
-      requires        = [ "sysctl.service" ];
+      requires        = [ "systemd-sysctl.service" ];
       wantedBy        = [ "multi-user.target" ];
       serviceConfig.Type = "oneshot";
       serviceConfig.RemainAfterExit = "yes";
+      unitConfig.ConditionPathIsReadWrite = "/proc/sys/kernel/grsecurity/grsec_lock";
       script = ''
         locked=`cat /proc/sys/kernel/grsecurity/grsec_lock`
         if [ "$locked" == "0" ]; then