Add security.csm to ignored-acls

The security.csm ACL is, as far as I know, never reasonable to remove, so let's add it to the ignore-list in the vanilla nix image.  This makes this image usable on GKE.
This commit is contained in:
Jonpez2 2022-06-06 16:56:42 +01:00 committed by GitHub
parent 1dd7253133
commit 0cd560c95d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -125,6 +125,7 @@ let
sandbox = "false"; sandbox = "false";
build-users-group = "nixbld"; build-users-group = "nixbld";
trusted-public-keys = "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="; trusted-public-keys = "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=";
ignored-acls = security.csm;
}; };
nixConfContents = (lib.concatStringsSep "\n" (lib.mapAttrsFlatten (n: v: "${n} = ${v}") nixConf)) + "\n"; nixConfContents = (lib.concatStringsSep "\n" (lib.mapAttrsFlatten (n: v: "${n} = ${v}") nixConf)) + "\n";