systemd.services.<name>.confinement.packages
Additional packages or strings with context to add to the closure of
the chroot. By default, this includes all the packages from the
serviceConfig.ExecReload, serviceConfig.ExecStartPost, serviceConfig.ExecStartPre, serviceConfig.ExecStop, serviceConfig.ExecStopPost and serviceConfig.ExecStart options. If you want to have all the
dependencies of this systemd unit, you can use
confinement.fullUnit.
The store paths listed in path are
not included in the closure as
well as paths from other options except those listed
above.
- Type
list of (string or package)- Default
[ ]- Declared
- <nixpkgs/nixos/modules/security/systemd-confinement.nix>