|
|
04f4d330a8
|
programs: enable free
|
2024-06-13 01:09:48 +00:00 |
|
|
|
ce60e53b9a
|
programs: add ps
|
2024-06-13 01:04:24 +00:00 |
|
|
|
3ff9f974a6
|
programs: enable watch
|
2024-06-13 00:59:34 +00:00 |
|
|
|
63f3b8e89b
|
handbrake: disable until i fix the build
|
2024-06-12 07:40:29 +00:00 |
|
|
|
9fc4119275
|
mesa-demos: deploy
|
2024-06-12 07:11:41 +00:00 |
|
|
|
d8fed884d0
|
programs: steam: move from pcGuiApps -> pcGameApps
|
2024-06-07 07:30:56 +00:00 |
|
|
|
e4bcbab224
|
hosts: networking: switch to using nixos NetworkManager/ModemManager/etc, just patched for hardening
|
2024-06-02 11:22:03 +00:00 |
|
|
|
53bbd611da
|
nixpkgs-review: persist the ~/.cache/nixpkgs-review directory
|
2024-06-01 17:15:54 +00:00 |
|
|
|
8340cf059f
|
nixpkgs-review: fix sandboxing
|
2024-06-01 15:26:23 +00:00 |
|
|
|
8ea379d53b
|
errno: ship on all platforms
|
2024-06-01 14:04:45 +00:00 |
|
|
|
8657cf1fcf
|
ship ausyscall binary
|
2024-06-01 12:17:08 +00:00 |
|
|
|
05986d363d
|
brightnessctl: fix udev rules so i can run it again
|
2024-06-01 12:02:24 +00:00 |
|
|
|
07aec3ca3c
|
apps: explain why i ship both engrampa and xarchiver archive managers
|
2024-05-31 08:39:23 +00:00 |
|
|
|
afa8a3c52e
|
activationScripts.notifyActive: future-proof for if ever DBUS_SESSION_BUS_ADDRESS changes
|
2024-05-30 11:03:35 +00:00 |
|
|
|
bfbcb4789b
|
activationScripts.notifyActive: fix forrenamed XDG_RUNTIME_DIR
|
2024-05-30 10:56:17 +00:00 |
|
|
|
32124d76bf
|
cups: disable (not currently used, and not sandboxed)
|
2024-05-29 18:33:17 +00:00 |
|
|
|
d865be952a
|
refactor: sandboxing: replace manual --sanebox-keep-namespace pid config with isolatePids = false
|
2024-05-29 12:56:46 +00:00 |
|
|
|
c570b7bf5d
|
dbus: manage it ourselves instead of having systemd do it
|
2024-05-29 11:30:33 +00:00 |
|
|
|
0ed7eb24fb
|
programs: assorted: remove legacy programs.feedback setting
|
2024-05-29 11:30:33 +00:00 |
|
|
|
ad8e75b6a3
|
programs: assorted: remove /var/lib/alsa persistence; doesnt seem to be needed
|
2024-05-29 11:30:33 +00:00 |
|
|
|
1ee21c4795
|
NetworkManager: run as user instead of root
|
2024-05-29 09:16:30 +00:00 |
|
|
|
247fc1f887
|
hosts/modules/gui: fold into hosts/common/programs
|
2024-05-28 16:51:02 +00:00 |
|
|
|
47611eaa26
|
sane-weather: sandbox
|
2024-05-28 09:38:04 +00:00 |
|
|
|
8042ea76e6
|
assorted programs: specify sandbox.autodetectCliPaths variant more precisely than just true
|
2024-05-28 07:14:27 +00:00 |
|
|
|
c59236509b
|
sane-cast: sandbox
|
2024-05-28 07:07:11 +00:00 |
|
|
|
3c5e5632ee
|
wtype: sandbox
|
2024-05-28 03:04:26 +00:00 |
|
|
|
dcedb8d3f0
|
sanebox: handle --flag=path style of autodetected paths
|
2024-05-28 03:04:02 +00:00 |
|
|
|
f2271180dd
|
alsa-ucm-conf: split the patched alsa confs out into their own package
|
2024-05-27 12:53:33 +00:00 |
|
|
|
60b1ab1429
|
conky: split sane-battery-estimate out into its own program
|
2024-05-27 11:33:40 +00:00 |
|
|
|
2ee39ca0cc
|
poly_unfill: remove /run/wrappers/bin/unix_chkpwd
non-privileged users don't need to check passwords
well, maybe they do (for desktop unlockers), but i've already solved that :)
|
2024-05-26 06:37:59 +00:00 |
|
|
|
efa1ee6c69
|
iproute2: disable sandbox and fix ip commands
|
2024-05-26 01:18:30 +00:00 |
|
|
|
8cb73687ce
|
unl0kr: don't add extra deps to user's PATH
|
2024-05-26 01:17:42 +00:00 |
|
|
|
73f5c9608e
|
sanebox: tighter dependency handling, to not rely on @BACKEND_FALLBACK@
|
2024-05-25 10:26:36 +00:00 |
|
|
|
7b1bc210fd
|
sanebox: integrate with pasta (passt) for better net sandboxing
|
2024-05-25 09:39:18 +00:00 |
|
|
|
49b48b24fc
|
ship linux/posix manpages
|
2024-05-24 06:57:20 +00:00 |
|
|
|
844a128d60
|
iproute2: fix sandboxing (hopefully)
|
2024-05-24 06:41:12 +00:00 |
|
|
|
87c84f0e2e
|
ship libcamera, snapshot
note that properly packaging these is still a WIP
|
2024-05-19 10:41:09 +00:00 |
|
|
|
1b24bd50f9
|
errno: ship
|
2024-05-19 00:21:30 +00:00 |
|
|
|
adfaa7f9c1
|
sane-sandboxed -> sanebox
|
2024-05-15 01:41:40 +00:00 |
|
|
|
3557994cbb
|
gnome-clocks: fix sound an sandboxing artifacts
|
2024-05-14 01:21:37 +00:00 |
|
|
|
be84ab1f45
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
|
|
43d32641f3
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
|
|
eadf85f66d
|
sane-open: associate as the default launcher for .desktop files
|
2024-05-12 17:41:00 +00:00 |
|
|
|
32e06ce998
|
programs: gnome-disk-utility: grant sandbox access to ~/tmp
|
2024-05-06 05:15:28 +00:00 |
|
|
|
b7dd40e558
|
sane-open-desktop -> sane-open and have it auto-open/close the keyboard based on what an app wants
|
2024-04-30 19:22:37 +00:00 |
|
|
|
46d1a49f0f
|
servo: enable sane-cast program
|
2024-04-29 21:50:03 +00:00 |
|
|
|
ae418fb2d1
|
valgrind: mark as not sandboxable
|
2024-04-23 09:08:05 +00:00 |
|
|
|
152a5d4c92
|
sane-cast: integrate with mpv
|
2024-04-23 07:52:48 +00:00 |
|
|
|
a000a722ba
|
mpv: fix so sane-sysvol doesnt hang exit
|
2024-04-21 10:08:46 +00:00 |
|
|
|
4dfee58d09
|
sops: fix sandbox path
|
2024-04-20 21:43:13 +00:00 |
|
