colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

programs: bemenu: fix sandboxing

Browse Source
This commit is contained in:
Colin 2024-02-15 14:33:20 +00:00
parent 0394aa65e9
commit 24d23f7903
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/common/programs/bemenu.nix
View File

@ -87,8 +87,13 @@ let
in
{
sane.programs.bemenu = {
sandbox.method = "landlock";
sandbox.method = "bwrap"; # landlock works, but requires *all* of /run/user/$ID to be granted.
sandbox.wrapperType = "wrappedDerivation";
sandbox.whitelistWayland = true;
sandbox.extraHomePaths = [
".cache/fontconfig" #< else it complains, and is *way* slower
];
packageUnwrapped = pkgs.bemenu.overrideAttrs (upstream: {
nativeBuildInputs = (upstream.nativeBuildInputs or []) ++ [
pkgs.makeWrapper