programs: strings: sandbox
This commit is contained in:
parent
a1c721d5b4
commit
6aaa724abf
|
@ -1,6 +1,12 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
sane.programs.strings = {
|
||||
# binutils-unwrapped is like 80 MiB, just for this one binary;
|
||||
# dynamic linking means copying the binary doesn't reduce the closure much at all compared to just symlinking it.
|
||||
packageUnwrapped = pkgs.linkIntoOwnPackage pkgs.binutils-unwrapped "bin/strings";
|
||||
|
||||
sandbox.method = "landlock";
|
||||
sandbox.wrapperType = "wrappedDerivation";
|
||||
sandbox.autodetectCliPaths = "existing";
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user