From 6d37c531f2acfacb8776f0d03e5ad6ca50b6477c Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Tue, 3 Sep 2024 17:07:05 +0000
Subject: [PATCH] procps: sandbox with bunpen (note that i only use sub items
 of it though, like free and pidof)

---
 hosts/common/programs/assorted.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hosts/common/programs/assorted.nix b/hosts/common/programs/assorted.nix
index c2f63265d..bf630e343 100644
--- a/hosts/common/programs/assorted.nix
+++ b/hosts/common/programs/assorted.nix
@@ -1011,8 +1011,9 @@ in
     ];
 
     # procps: free, pgrep, pidof, pkill, ps, pwait, top, uptime, couple others
-    procps.sandbox.method = "bwrap";
+    procps.sandbox.method = "bunpen";
     procps.sandbox.isolatePids = false;
+    procps.sandbox.extraPaths = [ "/proc" ];
 
     pstree.sandbox.method = "bunpen";
     pstree.sandbox.extraPaths = [