modules/programs: enable even more /dev/video devices inside the relevant sandboxes
This commit is contained in:
@@ -585,9 +585,19 @@ let
|
||||
++ lib.optionals config.sandbox.whitelistX [ "/tmp/.X11-unix" ]
|
||||
++ lib.optionals config.sandbox.keepPidsAndProc [ "/proc" ]
|
||||
++ lib.optionals config.sandbox.whitelistAvDev [
|
||||
# the number of /dev/{media,v4l-subdev,video} devices varies based on device,
|
||||
# and can even change as the kernel drivers are improved.
|
||||
# enable way more here than any of my devices actually require, for the sake of not being fragile.
|
||||
"/dev/media0"
|
||||
"/dev/media1"
|
||||
"/dev/media2"
|
||||
"/dev/media3"
|
||||
"/dev/media4"
|
||||
"/dev/media5"
|
||||
"/dev/media6"
|
||||
"/dev/media7"
|
||||
"/dev/media8"
|
||||
"/dev/media9"
|
||||
"/dev/snd"
|
||||
"/dev/v4l"
|
||||
"/dev/v4l-subdev0"
|
||||
@@ -597,6 +607,19 @@ let
|
||||
"/dev/v4l-subdev4"
|
||||
"/dev/v4l-subdev5"
|
||||
"/dev/v4l-subdev6"
|
||||
"/dev/v4l-subdev7"
|
||||
"/dev/v4l-subdev8"
|
||||
"/dev/v4l-subdev9"
|
||||
"/dev/v4l-subdev10"
|
||||
"/dev/v4l-subdev11"
|
||||
"/dev/v4l-subdev12"
|
||||
"/dev/v4l-subdev13"
|
||||
"/dev/v4l-subdev14"
|
||||
"/dev/v4l-subdev15"
|
||||
"/dev/v4l-subdev16"
|
||||
"/dev/v4l-subdev17"
|
||||
"/dev/v4l-subdev18"
|
||||
"/dev/v4l-subdev19"
|
||||
# /dev/videoN is used for webcam on lappy, and camera on moby
|
||||
"/dev/video0"
|
||||
"/dev/video1"
|
||||
@@ -606,6 +629,18 @@ let
|
||||
"/dev/video5"
|
||||
"/dev/video6"
|
||||
"/dev/video7"
|
||||
"/dev/video8"
|
||||
"/dev/video9"
|
||||
"/dev/video10"
|
||||
"/dev/video11"
|
||||
"/dev/video12"
|
||||
"/dev/video13"
|
||||
"/dev/video14"
|
||||
"/dev/video15"
|
||||
"/dev/video16"
|
||||
"/dev/video17"
|
||||
"/dev/video18"
|
||||
"/dev/video19"
|
||||
|
||||
# specifically for pipewire + wireplumber (for cameras on moby, they seem to both need these identical paths)
|
||||
"/run/udev"
|
||||
|
||||
Reference in New Issue
Block a user