colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

programs: re-enable sandbox for tumiki-fighters and losslesscut (X applications)

Browse Source
This commit is contained in:
Colin
2024-02-15 00:09:40 +00:00
parent 5f1036118f
commit dcc2eb265d
1 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
hosts/common/programs/assorted.nix
View File

@@ -385,20 +385,20 @@ in
libnotify.sandbox.wrapperType = "wrappedDerivation"; libnotify.sandbox.wrapperType = "wrappedDerivation";
libnotify.sandbox.whitelistDbus = [ "user" ]; # notify-send libnotify.sandbox.whitelistDbus = [ "user" ]; # notify-send
# TODO: losslesscut: requires X server (Xwayland); sandbox can't find it..? losslesscut-bin.sandbox.method = "bwrap";
# losslesscut-bin.sandbox.method = "bwrap"; losslesscut-bin.sandbox.wrapperType = "wrappedDerivation";
# losslesscut-bin.sandbox.wrapperType = "wrappedDerivation"; losslesscut-bin.sandbox.extraHomePaths = [
# losslesscut-bin.sandbox.extraHomePaths = [ "Music"
# "Music" "Pictures" # i have some videos in there too.
# "Pictures" # i have some videos in there too. "Pictures/servo-macros"
# "Pictures/servo-macros" "Videos"
# "Videos" "Videos/servo"
# "Videos/servo" "tmp"
# "tmp" ];
# ]; losslesscut-bin.sandbox.whitelistAudio = true;
# losslesscut-bin.sandbox.whitelistAudio = true; losslesscut-bin.sandbox.whitelistDri = true;
# losslesscut-bin.sandbox.whitelistDri = true; losslesscut-bin.sandbox.whitelistWayland = true;
# losslesscut-bin.sandbox.whitelistWayland = true; losslesscut-bin.sandbox.whitelistX = true;
mercurial.sandbox.method = "bwrap"; # TODO:sandbox: untested mercurial.sandbox.method = "bwrap"; # TODO:sandbox: untested
mercurial.sandbox.wrapperType = "wrappedDerivation"; mercurial.sandbox.wrapperType = "wrappedDerivation";
@@ -510,12 +510,12 @@ in
tree.sandbox.autodetectCliPaths = true; tree.sandbox.autodetectCliPaths = true;
tree.sandbox.whitelistPwd = true; tree.sandbox.whitelistPwd = true;
# TODO: tumiki-fighters: requires X server (Xwayland); sandbox can't find it..? tumiki-fighters.sandbox.method = "bwrap";
# tumiki-fighters.sandbox.method = "bwrap"; tumiki-fighters.sandbox.wrapperType = "wrappedDerivation";
# tumiki-fighters.sandbox.wrapperType = "wrappedDerivation"; tumiki-fighters.sandbox.whitelistAudio = true;
# tumiki-fighters.sandbox.whitelistAudio = true; tumiki-fighters.sandbox.whitelistDri = true; #< not strictly necessary, but triples CPU perf
# tumiki-fighters.sandbox.whitelistDri = true; #< TODO: not sure if necessary tumiki-fighters.sandbox.whitelistWayland = true;
# tumiki-fighters.sandbox.whitelistWayland = true; tumiki-fighters.sandbox.whitelistX = true;
unzip.sandbox.method = "bwrap"; unzip.sandbox.method = "bwrap";
unzip.sandbox.wrapperType = "wrappedDerivation"; unzip.sandbox.wrapperType = "wrappedDerivation";