/mnt/$host/home: layer bwrap sandboxing after the drop-privileges passoff

hosts/common/fs.nix

@@ -147,7 +147,6 @@ let
       #VVV this includes anything it reads from, e.g. /bin/sh; /nix/store/...
       # see `systemd-analyze filesystems` for a full list
       mount.mountConfig.RestrictFileSystems = "@common-block @basic-api fuse";
-      mount.mountConfig.RestrictNamespaces = true;
       mount.mountConfig.RestrictRealtime = true;
       mount.mountConfig.RestrictSUIDSGID = true;
       mount.mountConfig.SystemCallArchitectures = "native";
@@ -164,6 +163,7 @@ let
       mount.mountConfig.IPAddressAllow = "10.0.0.0/8";
       mount.mountConfig.DevicePolicy = "closed";  # only allow /dev/{null,zero,full,random,urandom}
       mount.mountConfig.DeviceAllow = "/dev/fuse";
+      # mount.mountConfig.RestrictNamespaces = true;  #< my sshfs sandboxing uses bwrap
     };
   };
   remoteServo = subdir: let

hosts/common/programs/assorted.nix

@@ -1093,7 +1093,17 @@ in
 
     sqlite = {};
 
-    sshfs-fuse = {};  # used by fs.nix
+    sshfs-fuse.sandbox.enable = true;  # used by fs.nix
+    sshfs-fuse.sandbox.method = "bwrap";  #< N.B. if you call this from the CLI -- without `mount.fuse` -- set this to `none`
+    sshfs-fuse.sandbox.net = "all";
+    sshfs-fuse.sandbox.autodetectCliPaths = "parent";
+    # sshfs-fuse.sandbox.extraPaths = [
+    #   "/dev/fd"  # fuse.mount3 -o drop_privileges passes us data over /dev/fd/3
+    #   "/mnt"  # XXX: not sure why i need all this, instead of just /mnt/desko, or /mnt/desko/home, etc
+    # ];
+    sshfs-fuse.sandbox.extraHomePaths = [
+      ".ssh/id_ed25519"  #< TODO: add -o foo,bar=path/to/thing style arguments to autodetection
+    ];
 
     strace.sandbox.enable = false;  #< needs to `exec` its args, and therefore support *anything*