procps: sandbox with bunpen (note that i only use sub items of it though, like free and pidof)

2024-09-03 17:07:05 +00:00
parent 1d8f825bc6
commit 6d37c531f2
1 changed files with 2 additions and 1 deletions
--- a/hosts/common/programs/assorted.nix
+++ b/hosts/common/programs/assorted.nix
@@ -1011,8 +1011,9 @@ in
    ];

    # procps: free, pgrep, pidof, pkill, ps, pwait, top, uptime, couple others
-    procps.sandbox.method = "bwrap";
+    procps.sandbox.method = "bunpen";
    procps.sandbox.isolatePids = false;
+    procps.sandbox.extraPaths = [ "/proc" ];

    pstree.sandbox.method = "bunpen";
    pstree.sandbox.extraPaths = [