forked from lix-project/lix
alois31
f047e4357b
Seccomp filtering and the no-new-privileges functionality improve the security
of the sandbox, and have been enabled by default for a long time. In
lix-project/lix#265 it was decided that they
should be enabled unconditionally. Accordingly, remove the allow-new-privileges
(which had weird behavior anyway) and filter-syscall settings, and force the
security features on. Syscall filtering can still be enabled at build time to
support building on architectures libseccomp doesn't support.
Change-Id:
|
||
---|---|---|
.github | ||
bench | ||
clang-tidy | ||
contrib | ||
doc | ||
lix-doc | ||
maintainers | ||
meson | ||
misc | ||
nix-support | ||
perl | ||
scripts | ||
src | ||
tests | ||
.clang-format | ||
.clang-tidy | ||
.dir-locals.el | ||
.editorconfig | ||
.envrc | ||
.gitignore | ||
.version | ||
boehmgc-coroutine-sp-fallback.diff | ||
boehmgc-traceable_allocator-public.diff | ||
CONTRIBUTING.md | ||
COPYING | ||
default.nix | ||
docker.nix | ||
flake.lock | ||
flake.nix | ||
justfile | ||
meson.build | ||
meson.options | ||
package.nix | ||
precompiled-headers.h | ||
README.md | ||
shell.nix | ||
treefmt.toml |
Lix
Lix is an implementation of Nix, a powerful package management system for Linux and other Unix systems that makes package management reliable and reproducible.
Read more about us at https://lix.systems.
Installation
On Linux and macOS the easiest way to install Nix is to run the following shell command (as a user other than root):
$ curl -sSf -L https://install.lix.systems/lix | sh -s -- install
For systems that already have Nix installed, such as NixOS systems, read our install page
Building And Developing
See our Hacking guide in our manual for instruction on how to to set up a development environment and build Lix from source.
Additional Resources
License
Lix is released under the LGPL v2.1.