summary refs log tree commit diff
path: root/gnu
diff options
context:
space:
mode:
authorVagrant Cascadian <vagrant@debian.org>2019-09-29 10:11:50 -0700
committerVagrant Cascadian <vagrant@debian.org>2019-09-29 15:10:32 -0700
commit18b3ba6ff2f096193161742a06e4c1ae12600d0c (patch)
tree431344f1ad8b995b0383b4a12ed36d968c259f75 /gnu
parent2d74d42a65f14e2f4433e9784422841ed308e92d (diff)
downloadguix-18b3ba6ff2f096193161742a06e4c1ae12600d0c.tar.gz
gnu: %default-extra-linux-options: Ensure namespaces are enabled in all
linux-libre kernels.

The linux-libre kernels using defconfig may not have namespaces enabled, which
is needed for the default guix-daemon configuration in Guix System.

* gnu/packages/linux (%default-extra-linux-options): Enable CONFIG_NAMESPACES,
  CONFIG_UTS_NS, CONFIG_IPC_NS, CONFIG_USER_NS, CONFIG_PID_NS, and
  CONFIG_NET_NS.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/packages/linux.scm7
1 files changed, 7 insertions, 0 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 876eb005af..fed8d8b96d 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -564,6 +564,13 @@ for ARCH and optionally VARIANT, or #f if there is no such configuration."
 (define %default-extra-linux-options
   `(;; Some very mild hardening.
     ("CONFIG_SECURITY_DMESG_RESTRICT" . #t)
+    ;; All kernels should have NAMESPACES options enabled
+    ("CONFIG_NAMESPACES" . #t)
+    ("CONFIG_UTS_NS" . #t)
+    ("CONFIG_IPC_NS" . #t)
+    ("CONFIG_USER_NS" . #t)
+    ("CONFIG_PID_NS" . #t)
+    ("CONFIG_NET_NS" . #t)
     ;; Modules required for initrd:
     ("CONFIG_NET_9P" . m)
     ("CONFIG_NET_9P_VIRTIO" . m)