From 49f7cde4cd4addd297bb118328cf920e0a556073 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20B=C3=B6hme?=
Date: Sun, 7 May 2023 12:04:17 +0200
Subject: [PATCH] refactor: rename deprecated option
---
 modules/security/default.nix | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/modules/security/default.nix b/modules/security/default.nix
index 4ae5302..5b01fc2 100644
--- modules/security/default.nix
+++ modules/security/default.nix
@@ -3,9 +3,6 @@
 , ... }: { ## System security tweaks
- # sets hidepid=2 on /proc (make process info visible only to owning user)
- # NOTE Was removed on nixpkgs-unstable because it doesn't do anything
- # security.hideProcessInformation = true;
 # Prevent replacing the running kernel w/o reboot
 security.protectKernelImage = lib.mkDefault true;
@@ -14,7 +11,7 @@
 boot.tmp.useTmpfs = lib.mkDefault true;
 # If not using tmpfs, which is naturally purged on reboot, we must clean it
 # /tmp ourselves. /tmp should be volatile storage!
- boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmpOnTmpfs);
+ boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs);
 # Fix a security hole in place for backwards compatibility. See desc in
 # nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix