modules/programs: sandbox: allow mimeo config in any sandbox
This commit is contained in:
parent
f6eeab5650
commit
567c7993b6
|
@ -45,7 +45,9 @@ let
|
||||||
inherit pkgName package;
|
inherit pkgName package;
|
||||||
inherit (sandbox) autodetectCliPaths binMap capabilities embedProfile embedSandboxer extraConfig method whitelistPwd wrapperType;
|
inherit (sandbox) autodetectCliPaths binMap capabilities embedProfile embedSandboxer extraConfig method whitelistPwd wrapperType;
|
||||||
vpn = if net == "vpn" then vpn else null;
|
vpn = if net == "vpn" then vpn else null;
|
||||||
allowedHomePaths = builtins.attrNames fs ++ builtins.attrNames persist.byPath ++ sandbox.extraHomePaths;
|
allowedHomePaths = builtins.attrNames fs ++ builtins.attrNames persist.byPath ++ sandbox.extraHomePaths ++ [
|
||||||
|
".config/mimeo" #< TODO: required, until i fully integrate xdg-open into sandboxing. else, `xdg-open https://...` inifinite-loops.
|
||||||
|
];
|
||||||
allowedRootPaths = [
|
allowedRootPaths = [
|
||||||
"/nix/store"
|
"/nix/store"
|
||||||
"/bin/sh"
|
"/bin/sh"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user