colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

programs/sandbox: include udev rules in the sandboxed program output

Browse Source 
notably, this fixes feedbackd so that the PPP haptics/vibrator is writable by the user
This commit is contained in:
Colin
2024-10-22 07:01:18 +00:00
parent c4ca651754
commit 1c57b9ce9e
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/programs/make-sandboxed.nix
View File

@@ -358,6 +358,11 @@ let
done
done
for d in $outdir/lib/udev/rules.d/*.rules; do
trySubstitute "$d" '"'"%s/$binLoc"
trySubstitute "$d" '"'"%s/share"
done
for d in $outdir/share/polkit-1/actions/*.policy; do
trySubstitute "$d" '<annotate key="org.freedesktop.policykit.exec.path">'"%s/$binLoc/"
done
@@ -396,7 +401,7 @@ let
# patch them to use the sandboxed binaries,
# and add some passthru metadata to enforce no lingering references to the unsandboxed binaries.
sandboxNonBinaries = pkgName: unsandboxed: sandboxedBin: let
sandboxedWithoutFixedRefs = symlinkDirs "non-bin" [ "etc" "share" ] pkgName unsandboxed;
sandboxedWithoutFixedRefs = symlinkDirs "non-bin" [ "lib/udev/rules.d" "etc" "share" ] pkgName unsandboxed;
in fixHardcodedRefs unsandboxed sandboxedBin sandboxedWithoutFixedRefs;
# take the nearly-final sandboxed package, with binaries and all else, and