nixos/sysctl: Move changelog entry for yama

#256159 removed the default settings disabling it, but it was not merged in time for 23.11.
2023-11-30 12:55:27 +01:00 · 2023-11-30 12:55:27 +01:00 · d3ccd1aa2f
commit d3ccd1aa2f
parent 637577f1bb
2 changed files with 5 additions and 5 deletions
--- a/nixos/doc/manual/release-notes/rl-2311.section.md
+++ b/nixos/doc/manual/release-notes/rl-2311.section.md
@ -509,11 +509,6 @@ Make sure to also check the many updates in the [Nixpkgs library](#sec-release-2
 - Package `cloud-sql-proxy` was renamed to `google-cloud-sql-proxy` as it
  cannot be used with other cloud providers.

- The Yama LSM is now enabled by default in the kernel, which prevents ptracing
-  non-child processes. This means you will not be able to attach gdb to an
-  existing process, but will need to start that process from gdb (so it is a
-  child). Or you can set `boot.kernel.sysctl."kernel.yama.ptrace_scope"` to 0.
-
 - Package `pash` was removed due to being archived upstream. Use `powershell`
  as an alternative.

--- a/nixos/doc/manual/release-notes/rl-2405.section.md
+++ b/nixos/doc/manual/release-notes/rl-2405.section.md
@ -30,3 +30,8 @@ In addition to numerous new and upgraded packages, this release has the followin
 - Programs written in [Nim](https://nim-lang.org/) are built with libraries selected by lockfiles.
  The `nimPackages` and `nim2Packages` sets have been removed.
  See https://nixos.org/manual/nixpkgs/unstable#nim for more information.
+
+- The Yama LSM is now enabled by default in the kernel, which prevents ptracing
+  non-child processes. This means you will not be able to attach gdb to an
+  existing process, but will need to start that process from gdb (so it is a
+  child). Or you can set `boot.kernel.sysctl."kernel.yama.ptrace_scope"` to 0.