|
2b66ffc58a
|
programs: feedbackd: sandbox w/ bwrap
|
2024-02-16 03:49:59 +00:00 |
|
|
48d96c1f36
|
programs: hase: sandbox with bwrap
couldn't test the net feature, because hase servers have since gone
offline :((
|
2024-02-16 03:48:59 +00:00 |
|
|
cdf61755a3
|
programs: splatmoji: document the sandboxing approach
|
2024-02-16 03:46:48 +00:00 |
|
|
dd1dc69530
|
packages: remove unused kid3
|
2024-02-16 03:39:45 +00:00 |
|
|
481f54ea2f
|
packages: disable unused packages: makemkv, mumble, openscad
|
2024-02-16 03:20:17 +00:00 |
|
|
511752fab5
|
programs: xdg-desktop-portal{-gtk,-wlr}: enable sandbox
|
2024-02-16 03:17:19 +00:00 |
|
|
40ed7cff1b
|
programs: git: fix failing sandbox build
|
2024-02-16 03:16:46 +00:00 |
|
|
5e7f914354
|
programs: superTux: fix failing sandbox build
|
2024-02-16 03:16:28 +00:00 |
|
|
8c9c6ec979
|
modules/programs: make-sandboxed: support /libexec binaries
|
2024-02-16 03:15:45 +00:00 |
|
|
0dec8b6d5b
|
programs: fontconfig: sandbox
|
2024-02-15 18:26:45 +00:00 |
|
|
7eaffc9fa0
|
programs: w3m: enable sandbox
|
2024-02-15 18:25:48 +00:00 |
|
|
b7c1a6331d
|
programs: mate.engrampa: enable sandbox
|
2024-02-15 18:24:27 +00:00 |
|
|
d6868d58e6
|
xdg-desktop-portal: disable sandbox
|
2024-02-15 18:23:40 +00:00 |
|
|
1edb1fc8b6
|
modules/programs: sane-sandboxed: avoid adding the sandbox implementation to $PATH
|
2024-02-15 17:58:22 +00:00 |
|
|
52d768a162
|
programs: xterm: mark as not needing a sandbox
|
2024-02-15 17:26:55 +00:00 |
|
|
7a685d8de9
|
programs: inkscape: sandbox with bwrap
|
2024-02-15 17:26:37 +00:00 |
|
|
838c6d7dc8
|
programs: swaync: sandbox
|
2024-02-15 16:38:38 +00:00 |
|
|
8d20dcadd1
|
modules/programs: sane-sandboxed: add --sane-sandbox-keep-pidspace flag
|
2024-02-15 15:05:28 +00:00 |
|
|
9d706df5b5
|
programs: waybar: narrow the /run/user paths to just sway-ipc.sock
|
2024-02-15 14:40:01 +00:00 |
|
|
06f1f1e9ea
|
sway: give SWAYSOCK a consistent name
|
2024-02-15 14:38:54 +00:00 |
|
|
2fbbe7fd78
|
sway: remove unused "sane.gui.sway.package" option
|
2024-02-15 14:38:10 +00:00 |
|
|
24d23f7903
|
programs: bemenu: fix sandboxing
|
2024-02-15 14:33:20 +00:00 |
|
|
0394aa65e9
|
sway: simplify config
|
2024-02-15 14:25:45 +00:00 |
|
|
5090c4e88c
|
sway: define without using nixos "programs.sway"
motivation was to leverage 'sane.programs.sway.env' to statically configure SWAYSOCK. i think that's still the right way: we'll see
|
2024-02-15 14:25:27 +00:00 |
|
|
081114da65
|
programs: waybar: sandbox in a way that works well for moby too
|
2024-02-15 13:16:18 +00:00 |
|
|
c943442c94
|
modules/programs: sane-sandboxed: add --sane-sandbox-method none for benchmarking
|
2024-02-15 13:13:39 +00:00 |
|
|
02b7586ffa
|
programs: komikku: add dbus to the sandbox to fix it
|
2024-02-15 11:58:08 +00:00 |
|
|
02dd629616
|
modules/programs: sane-sandboxed: rework so portal env vars arent set when sandbox is disabled
and by setting them only at launch time we aid introspectability/debugging
|
2024-02-15 11:57:36 +00:00 |
|
|
25dcb7f89a
|
programs: open-in-mpv: document that upstream merged my PR
|
2024-02-15 11:38:37 +00:00 |
|
|
88f1d63b6e
|
firefox: properly integrate xdg-desktop-portal for opening media
|
2024-02-15 11:36:50 +00:00 |
|
|
d36e269edd
|
programs: loupe: remove the dbus services to make it work with Firefox
|
2024-02-15 11:36:24 +00:00 |
|
|
40af8b95fd
|
pkgs.rmDbusServices: also remove dbus properties from .desktop files
|
2024-02-15 11:35:52 +00:00 |
|
|
582a003739
|
programs: waybar: fix battery indicator within sandbox
|
2024-02-15 10:35:24 +00:00 |
|
|
df60be8c61
|
open-in-mpv: sandbox with bwrap
|
2024-02-15 09:49:03 +00:00 |
|
|
e8b4c36442
|
programs: nautilus: specify inode/directory mime association
|
2024-02-15 09:48:26 +00:00 |
|
|
2f699737f5
|
firefox: fix open-in-mpv integration
two parts: add open-in-mpv's config to firefox's sandbox; patch open-in-mpv to forward to xdg-open
|
2024-02-15 09:14:57 +00:00 |
|
|
4a3d24be3f
|
waybar: migrate all config to "sane.programs"
|
2024-02-15 07:18:12 +00:00 |
|
|
10feb319fe
|
sway: lift waybar to own file and sandbox it
|
2024-02-15 02:33:40 +00:00 |
|
|
fde1e5d872
|
README: add a graphic
|
2024-02-15 01:01:31 +00:00 |
|
|
b2fcf6fdfd
|
programs: messengers (fractal, signal, dino, tuba): add media libraries to the sandbox
|
2024-02-15 00:49:24 +00:00 |
|
|
dcc2eb265d
|
programs: re-enable sandbox for tumiki-fighters and losslesscut (X applications)
|
2024-02-15 00:09:40 +00:00 |
|
|
5f1036118f
|
modules/programs: sandboxing: add a "whitelistX" option
|
2024-02-15 00:09:16 +00:00 |
|
|
8ac4869f10
|
gpodder-adaptive: fix meta.position and thereby fix NUR eval
idk why it broke. seems that attrset members (passthru.*) don't preserve their position anymore
|
2024-02-14 23:39:18 +00:00 |
|
|
226425bbef
|
nixpkgs: 2024-02-13 -> 2024-02-14; sops-nix -> 2024-02-13
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/013603a52da98fe4abf15a5700479a58fa5899a5' (2024-02-13)
→ 'github:nixos/nixpkgs/52e165035c897a7b41ff26bc235f8d841e9d3850' (2024-02-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/40a7b182e0a00245d69f6b8c1dfd3ea4bfc6257c' (2024-02-13)
→ 'github:nixos/nixpkgs/c0a130d16b170f4820c3d2ed294a7aaabf451bfd' (2024-02-14)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/695275c349bb27f91b2b06cb742510899c887b81' (2024-02-12)
→ 'github:Mic92/sops-nix/48afd3264ec52bee85231a7122612e2c5202fa74' (2024-02-13)
```
|
2024-02-14 22:50:47 +00:00 |
|
|
518c3afd07
|
programs: sandbox: disable losslesscut/tumiki-fighters sandbox until i can figure out Xwayland
|
2024-02-14 14:37:59 +00:00 |
|
|
90dee85664
|
programs: sort alphabetically
|
2024-02-14 14:28:22 +00:00 |
|
|
26fc283fd9
|
programs: losslesscut: sandbox
|
2024-02-14 14:26:56 +00:00 |
|
|
d0430ce1e9
|
programs: pavucontrol/pwvucontrol: enable audio devices inside the sandbox
|
2024-02-14 14:26:56 +00:00 |
|
|
368a52b91e
|
programs: speedtest-cli: sandbox with bwrap
|
2024-02-14 14:26:56 +00:00 |
|
|
d90dacee1f
|
programs: grimshot: sandbox with bwrap
|
2024-02-14 14:17:41 +00:00 |
|