commit 97bd3ca43767466bd52a8a3320b71a1ffc0daa0a parent fa66347002d89a66ddcfe2f46ec1202317f6cc73 Author: Toni Brown <me@tb148.net> Date: Fri, 8 May 2026 16:15:01 +0800 fix new cve Diffstat:
| M | remote/system/boot/default.nix | | | 8 | ++++++++ |
1 file changed, 8 insertions(+), 0 deletions(-)
diff --git a/remote/system/boot/default.nix b/remote/system/boot/default.nix @@ -5,4 +5,12 @@ boot.loader.limine.biosDevice = "/dev/sda"; boot.loader.limine.maxGenerations = 4; boot.kernelPackages = pkgs.linuxPackages_latest; + + boot.blacklistedKernelModules = ["esp4" "esp6" "rxrpc"]; + boot.extraModprobeConfig = + builtins.concatStringsSep "\n" [ + "install esp4 /run/current-system/sw/bin/false" + "install esp6 /run/current-system/sw/bin/false" + "install rxrpc /run/current-system/sw/bin/false" + ]; }