modules/programs: sandbox: add "capshonly" as a valid sandbox.method

2024-01-28 05:57:11 +00:00
parent fa39a965ca
commit 97129268f0
1 changed files with 1 additions and 1 deletions
--- a/modules/programs/default.nix
+++ b/modules/programs/default.nix
@@ -216,7 +216,7 @@ let
        '';
      };
      sandbox.method = mkOption {
-        type = types.nullOr (types.enum [ "bwrap" "firejail" "landlock" ]);
+        type = types.nullOr (types.enum [ "bwrap" "capshonly" "firejail" "landlock" ]);
        default = null;  #< TODO: default to something non-null
        description = ''
          how/whether to sandbox all binaries in the package.