unbound: Add AF_NETLINK to allowed address families.

Unbound throws the following error: --8<---------------cut here---------------start------------->8--- error: failed to list interfaces: getifaddrs: Address family not supported by protocol fatal error: could not open ports --8<---------------cut here---------------end--------------->8--- The solution is pulled from upstream: https://github.com/NLnetLabs/unbound/pull/351
author: Peng Mei Yu <i@pengmeiyu.com> 2020-12-08 09:18:13 +0800
committer: Peng Mei Yu <i@pengmeiyu.com> 2020-12-08 14:31:15 +0800
commit: 3cd1a6706ceaeca09b3cc15322f9c75d25883a46 (patch)
tree: a031869b5d3dc98c49dd959e5fd4b57c7b3377f0 /nixos/modules
parent: 652b3fad35fa0bec9bde7106ca40893eebd73d73 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/unbound.nix b/nixos/modules/services/networking/unbound.nix
index 9a46fa3075fa..622c3d8ea434 100644
--- a/nixos/modules/services/networking/unbound.nix
+++ b/nixos/modules/services/networking/unbound.nix
@@ -195,7 +195,7 @@ in
         RuntimeDirectory = "unbound";
         ConfigurationDirectory = "unbound";
         StateDirectory = "unbound";
-        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
+        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_NETLINK" "AF_UNIX" ];
         RestrictRealtime = true;
         SystemCallArchitectures = "native";
         SystemCallFilter = [
author	Peng Mei Yu <i@pengmeiyu.com>	2020-12-08 09:18:13 +0800
committer	Peng Mei Yu <i@pengmeiyu.com>	2020-12-08 14:31:15 +0800
commit	3cd1a6706ceaeca09b3cc15322f9c75d25883a46 (patch)
tree	a031869b5d3dc98c49dd959e5fd4b57c7b3377f0 /nixos/modules
parent	652b3fad35fa0bec9bde7106ca40893eebd73d73 (diff)