programs: iproute: use a less restrictive sandbox
This commit is contained in:
parent
3cf42db7dc
commit
fb79ca4c8e
|
@ -552,6 +552,10 @@ in
|
|||
iproute2.sandbox.method = "landlock";
|
||||
iproute2.sandbox.net = "all";
|
||||
iproute2.sandbox.capabilities = [ "net_admin" ];
|
||||
iproute2.sandbox.extraPaths = [
|
||||
"/run/netns" # for `ip netns ...` to work
|
||||
"/var/run/netns"
|
||||
];
|
||||
|
||||
iptables.sandbox.method = "landlock";
|
||||
iptables.sandbox.net = "all";
|
||||
|
|
Loading…
Reference in New Issue
Block a user