!DBFhtjpqmJNENpLDOv:nixos.org

NixOS systemd

644 Members
NixOS ❤️ systemd185 Servers

Load older messages

SenderMessageTime
24 May 2021
@rajivr:matrix.orgrajivr joined the room.03:32:40
9 Apr 2025
@elvishjerricco:matrix.orgElvishJerriccowhat are you actually trying to do?19:47:35
24 May 2021
@vika:matrix.nice.sampler.fivika (she/her) 🏳️‍⚧️ joined the room.07:12:13
9 Apr 2025
@arianvp:matrix.orgArianNot true. You can do sandboxing on the slice level19:55:40
24 May 2021
@plabadens:matrix.orgplabadens joined the room.10:19:13
9 Apr 2025
@elvishjerricco:matrix.orgElvishJerriccooh?19:56:15
24 May 2021
@talyz:matrix.orgtalyz joined the room.11:59:32
9 Apr 2025
@arianvp:matrix.orgArianE.g. I have IPAdddressDeny=169.254.169.254 on. -.slice to make sure no service can access the metadata server unless I explicitly allow it19:56:26
24 May 2021
@veggushroom:matrix.orgpapojari 🏳️‍🌈 ☭ (we/us) (Old) left the room.14:53:34
9 Apr 2025
@arianvp:matrix.orgArianAll units in a slice inherit all the sandboxing options19:56:40
25 May 2021
@aasg:aasg.nameAluísio Augusto Silva Gonçalves joined the room.06:40:36
9 Apr 2025
@arianvp:matrix.orgArian* All units in a slice inherit all the sandboxing options of that slice19:56:53
25 May 2021
@amikke:matrix.orgamikke joined the room.11:39:43
9 Apr 2025
@elvishjerricco:matrix.orgElvishJerricco that works because IPAddressDeny is a cgroup thing 19:57:09
25 May 2021
@princemachiavelli:matrix.orgprincemachiavelli joined the room.15:21:12
9 Apr 2025
@elvishjerricco:matrix.orgElvishJerriccoslices are about cgroups19:57:12
25 May 2021
@zopieux:matrix.zopi.euzopieux joined the room.17:30:05
9 Apr 2025
@elvishjerricco:matrix.orgElvishJerricco e.g. PrivateTmp is about namespaces 19:57:19
@elvishjerricco:matrix.orgElvishJerriccowhich slices have nothing to do with19:57:22
25 May 2021
@mvtva:matrix.orgmvnetbiz changed their display name from mvtva to mvnetbiz.23:25:42
9 Apr 2025
@arianvp:matrix.orgArianAaaaaah yeh. That is in systemd.resource-control19:57:45
26 May 2021
@plabadens:matrix.orgplabadens set a profile picture.10:05:28
9 Apr 2025
@arianvp:matrix.orgArianYou're right. Slice units can have settings from systemd.exec19:57:59
26 May 2021
@justinrestivo:matrix.orgjustinrestivo joined the room.12:27:38
9 Apr 2025
@arianvp:matrix.orgArian* You're right. Slice units can not have settings from systemd.exec19:58:17
26 May 2021
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/124435/files#diff-284b1cb0fc0427dcf6c404c9d67183be977048f3261d8ecd63653753a496a868R10715:19:48
9 Apr 2025
@saiko:knifepoint.netdblsaiko ⚧︎ 🔪 changed their display name from dblsaiko 🔪 to dblsaiko ⚧︎ 🔪.20:07:04
26 May 2021
@hexa:lossy.networkhexa
Note that database_path should not be set because the services reliance on systemd StateDir.
15:19:59
@hexa:lossy.networkhexa What would be a reasonable way to handle this? I'm thinking an mkOption with readOnly = true, but there might be a realistic wish to move the state directory to another volume 15:21:51
@hexa:lossy.networkhexa Is ReadWritePath the way? 15:22:32

There are no newer messages yet.

Back to Room ListRoom Version: 6