nixos/murmur: Set ProtectProc to invisible

For documentation see https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectProc= Signed-off-by: Felix Singer <felixsinger@posteo.net>
2025-10-06 14:24:41 +02:00
parent 9bd10e556b
commit 9638a1ba24
1 changed files with 1 additions and 0 deletions
--- a/nixos/modules/services/networking/murmur.nix
+++ b/nixos/modules/services/networking/murmur.nix
@@ -358,6 +358,7 @@ in
        ProtectKernelLogs = true;
        ProtectKernelModules = true;
        ProtectKernelTunables = true;
        ProtectProc = "invisible";
        ProtectSystem = "strict";
        ReadWritePaths = [
          cfg.stateDir