modules/profiles: remove sandbox.embedProfile option
with upcoming refactors, this setting would force a different package to be installed per user, which doesn't mesh with the existing sane.programs infra
This commit is contained in:
parent
f9a998eb92
commit
2ee34e9af3
|
@ -47,7 +47,6 @@ let
|
|||
autodetectCliPaths
|
||||
binMap
|
||||
capabilities
|
||||
embedProfile
|
||||
embedSandboxer
|
||||
extraConfig
|
||||
method
|
||||
|
@ -244,23 +243,11 @@ let
|
|||
type = types.bool;
|
||||
default = true;
|
||||
};
|
||||
sandbox.embedProfile = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
whether to embed the sandbox settings (path access, etc) into the wrapped binary that lives in /nix/store (true),
|
||||
or to encode only a profile name in the wrapper, and use it to query the settings at runtime (false).
|
||||
|
||||
embedded profile means you have to rebuild the wrapper any time you adjust the sandboxing flags,
|
||||
but it also means you can run the program without installing it: helpful for iteration.
|
||||
'';
|
||||
};
|
||||
sandbox.embedSandboxer = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
whether the sandboxed application should reference its sandboxer by path or by name.
|
||||
if you're setting this option you probably also want `embedProfile = true`
|
||||
'';
|
||||
};
|
||||
sandbox.wrapperType = mkOption {
|
||||
|
|
Loading…
Reference in New Issue
Block a user