bonsai: sandbox
This commit is contained in:
parent
711865018d
commit
c747855810
|
@ -111,6 +111,11 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sandbox.method = "bwrap";
|
||||||
|
sandbox.extraRuntimePaths = [
|
||||||
|
"/" #< just needs "bonsai", but needs to create it first...
|
||||||
|
];
|
||||||
|
|
||||||
services.bonsaid = {
|
services.bonsaid = {
|
||||||
description = "bonsai: programmable input dispatcher";
|
description = "bonsai: programmable input dispatcher";
|
||||||
after = [ "graphical-session.target" ];
|
after = [ "graphical-session.target" ];
|
||||||
|
|
|
@ -102,7 +102,6 @@ in
|
||||||
"sway"
|
"sway"
|
||||||
"wvkbd"
|
"wvkbd"
|
||||||
];
|
];
|
||||||
|
|
||||||
sandbox.method = "bwrap";
|
sandbox.method = "bwrap";
|
||||||
sandbox.whitelistAudio = true;
|
sandbox.whitelistAudio = true;
|
||||||
sandbox.whitelistDbus = [ "user" ]; #< to launch applications
|
sandbox.whitelistDbus = [ "user" ]; #< to launch applications
|
||||||
|
@ -137,6 +136,10 @@ in
|
||||||
# };
|
# };
|
||||||
# };
|
# };
|
||||||
|
|
||||||
|
# TODO: duplicated sandboxing here is just ugly
|
||||||
|
sane.programs.bonsai.sandbox = lib.mkIf cfg.enabled (
|
||||||
|
builtins.removeAttrs cfg.sandbox [ "method" ] #< else infinite recursion
|
||||||
|
);
|
||||||
sane.programs.bonsai.config.transitions = lib.mkIf cfg.enabled (friendlyToBonsai {
|
sane.programs.bonsai.config.transitions = lib.mkIf cfg.enabled (friendlyToBonsai {
|
||||||
# map sequences of "events" to an argument to pass to sane-input-handler
|
# map sequences of "events" to an argument to pass to sane-input-handler
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user