From 4e5e4219ec554ad5fcd34e240c5eca10a8892cff Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Fri, 16 Feb 2024 04:03:47 +0000
Subject: [PATCH] programs: usbutils: sandbox

---
 hosts/common/programs/assorted.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/hosts/common/programs/assorted.nix b/hosts/common/programs/assorted.nix
index af9a00a5..0238ee3d 100644
--- a/hosts/common/programs/assorted.nix
+++ b/hosts/common/programs/assorted.nix
@@ -567,6 +567,13 @@ in
     unzip.sandbox.autodetectCliPaths = "existingFileOrParent";
     unzip.sandbox.whitelistPwd = true;
 
+    usbutils.sandbox.method = "bwrap";  # breaks `usbhid-dump`, but `lsusb`, `usb-devices` work
+    usbutils.sandbox.wrapperType = "wrappedDerivation";
+    usbutils.sandbox.extraPaths = [
+      "/sys/devices"
+      "/sys/bus/usb"
+    ];
+
     visidata.sandbox.method = "bwrap";  # TODO:sandbox: untested
     visidata.sandbox.wrapperType = "wrappedDerivation";
     visidata.sandbox.autodetectCliPaths = true;