Eisfunke's Lix Fork
Find a file
Alois Wohlschlager f047e4357b libstore/build: always enable seccomp filtering and no-new-privileges
Seccomp filtering and the no-new-privileges functionality improve the security
of the sandbox, and have been enabled by default for a long time. In
lix-project/lix#265 it was decided that they
should be enabled unconditionally. Accordingly, remove the allow-new-privileges
(which had weird behavior anyway) and filter-syscall settings, and force the
security features on. Syscall filtering can still be enabled at build time to
support building on architectures libseccomp doesn't support.

Change-Id: Iedbfa18d720ae557dee07a24f69b2520f30119cb
2024-05-24 21:19:29 +00:00
.github remove Github workflow files 2024-04-28 02:56:19 -06:00
bench Add benchmarking scripts 2024-04-08 19:50:24 -07:00
clang-tidy clang-tidy: work with angle brackets and external projects 2024-05-24 02:22:58 +00:00
contrib function-trace: always show the trace 2019-09-18 23:23:21 +02:00
doc libstore/build: always enable seccomp filtering and no-new-privileges 2024-05-24 21:19:29 +00:00
lix-doc lix-doc: don't chomp bold headings off 2024-05-15 15:24:03 -07:00
maintainers Merge "chore: remove incorrect maintainers/*.md documentation" into main 2024-05-20 12:35:20 +00:00
meson packaging: rename nixexpr -> lixexpr and so on 2024-05-23 16:45:23 -06:00
misc doc: sort change-authors.yml 2024-05-23 02:09:05 +00:00
nix-support binary tarball: include cacert in root paths 2024-04-12 07:04:37 -06:00
perl packaging: rename nixexpr -> lixexpr and so on 2024-05-23 16:45:23 -06:00
scripts remove the autoconf+Make buildsystem 2024-05-07 17:04:30 -06:00
src libstore/build: always enable seccomp filtering and no-new-privileges 2024-05-24 21:19:29 +00:00
tests libstore/build: always enable seccomp filtering and no-new-privileges 2024-05-24 21:19:29 +00:00
.clang-format Add pre-commit checks 2024-03-29 22:57:40 -07:00
.clang-tidy Add basic clang-tidy config 2024-03-29 20:26:38 -07:00
.dir-locals.el .dir-locals.el: Set c-block-comment-prefix 2020-07-10 11:21:06 +02:00
.editorconfig add editorconfig for markdown 2024-05-24 02:22:44 +00:00
.envrc Set MAKEFLAGS=-j and GTEST_BRIEF in .envrc 2024-03-28 18:17:28 -07:00
.gitignore gitignore nocontribmsg 2024-05-05 20:39:54 +00:00
.version Update version to 2.90.0 2024-03-07 19:57:39 -07:00
boehmgc-coroutine-sp-fallback.diff Add pre-commit checks 2024-03-29 22:57:40 -07:00
boehmgc-traceable_allocator-public.diff Add pre-commit checks 2024-03-29 22:57:40 -07:00
CONTRIBUTING.md chore: re-work the contribution guide 2024-05-07 01:28:35 +00:00
COPYING Add pre-commit checks 2024-03-29 22:57:40 -07:00
default.nix Format Nix code with nixfmt 2024-04-08 13:00:00 -07:00
docker.nix Format Nix code with nixfmt 2024-04-08 13:00:00 -07:00
flake.lock flake: update nixpkgs input to latest nixos-23.11 2024-05-08 23:03:28 +02:00
flake.nix release-notes: build unreleased release notes by default 2024-05-15 15:01:38 -07:00
justfile justfile: remove --quiet from just test 2024-05-24 02:22:25 +00:00
meson.build libstore/build: always enable seccomp filtering and no-new-privileges 2024-05-24 21:19:29 +00:00
meson.options meson: correctly embed sandbox shell when asked 2024-04-18 16:15:58 -06:00
package.nix make CTRL+Z work in the REPL 2024-05-24 03:10:12 +00:00
precompiled-headers.h Config: Use nlohmann/json 2020-08-20 11:02:16 +02:00
README.md fix: readme typo 2024-05-06 18:14:48 -07:00
shell.nix Remove url literals 2022-01-24 13:28:21 +01:00
treefmt.toml Format Nix code with nixfmt 2024-04-08 13:00:00 -07:00

Lix

Lix is an implementation of Nix, a powerful package management system for Linux and other Unix systems that makes package management reliable and reproducible.

Read more about us at https://lix.systems.

Installation

On Linux and macOS the easiest way to install Nix is to run the following shell command (as a user other than root):

$ curl -sSf -L https://install.lix.systems/lix | sh -s -- install

For systems that already have Nix installed, such as NixOS systems, read our install page

Building And Developing

See our Hacking guide in our manual for instruction on how to to set up a development environment and build Lix from source.

Additional Resources

License

Lix is released under the LGPL v2.1.