colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
5,335 Commits 125 Branches 1 Tag 13 MiB
b7921ac41b
Commit Graph

239 Commits

Author SHA1 Message Date
Colin
b7921ac41b refactor: programs: sort 2024-02-25 11:53:49 +00:00
Colin
0745e9fc06 refactor: programs: split gnome-maps into own file 2024-02-25 09:06:32 +00:00
Colin
f714bd8281 programs: jq: sandbox 2024-02-25 01:59:01 +00:00
Colin
73b2594d9b programs: sandboxing: distinguish between "existingFileOrParent" and "existingOrParent" 2024-02-25 01:59:01 +00:00
Colin
aa0991bd6c persistence: cleanup so it all works well with symlink-based stores 2024-02-23 13:09:44 +00:00
Colin
24d1d13d0a programs: simplify sandboxing of file browsers/etc now that private data lives on a different mount 2024-02-23 07:06:29 +00:00
Colin
af03b3f6e8 xwayland: sandbox 2024-02-23 01:05:24 +00:00
Colin
5819f07181 programs: xwayland: sandbox 2024-02-22 22:12:03 +00:00
Colin
b8f090be93 programs: delfin: add required mpris permissions 2024-02-21 13:27:19 +00:00
Colin
5a0760a571 programs: sandbox oathtools 2024-02-21 00:03:48 +00:00
Colin
81148b7b42 programs: explicitly depend on dconf instead of manually persisting dconf's dirs 2024-02-20 23:39:27 +00:00
Colin
6cf1bc5a28 programs: grep: sandbox 2024-02-20 23:32:28 +00:00
Colin
768b340c93 findutils: sandbox 
use bwrap instead of landlock for the dumb preference that i can disable
net
 2024-02-20 23:31:58 +00:00
Colin
a624571b22 move glib program recommendation into programs/assorted.nix 2024-02-20 12:11:26 +00:00
Colin
c7f4661c1c programs: htop: persist config 2024-02-20 05:38:45 +00:00
Colin
e8306831c5 programs: qemu: mark as slowToBuild 2024-02-20 05:34:47 +00:00
Colin
2d17826731 programs: eza: sandbox with bwrap instead of landlock 2024-02-19 15:32:40 +00:00
Colin
de297f22be programs: split sane-scripts out of assorted.nix 2024-02-19 14:19:10 +00:00
Colin
3effd59c9b xdg-desktop-portal-{gtk,wlr}: start via service manager, with ordered deps, instead of letting dbus activate it for us 
that gets more reliable environment importing, etc
 2024-02-19 13:44:23 +00:00
Colin
44647e0d36 programs: forkstat: sandbox 2024-02-19 13:15:15 +00:00
Colin
67395bdcd3 programs: ship forkstat 2024-02-18 11:58:30 +00:00
Colin
f8663cd827 programs: monero-gui: sandbox 2024-02-17 16:06:58 +00:00
Colin
af1ee1734d programs: wireguard-tools: sandbox 2024-02-17 15:54:16 +00:00
Colin
a729f91d21 programs: jq: add working sandbox criteria, but don't enable yet 
i need to handle the extremely common `cat foo | jq .` without adding
`.` to the sandbox
 2024-02-17 15:36:41 +00:00
Colin
a273b559e2 programs: gnome-disk-utility: sandbox 2024-02-17 15:36:28 +00:00
Colin
785b375671 programs: smartmontools (smartctl): sandbox 2024-02-17 15:36:13 +00:00
Colin
24cba0c856 programs: xq: remove 2024-02-17 15:30:23 +00:00
Colin
df1db5d01c programs: sox: sandbox 2024-02-17 15:27:22 +00:00
Colin
d3e4bdfcd5 programs: gdisk: fix sandboxing 2024-02-17 15:26:16 +00:00
Colin
799cd4373f programs: socat: disable 2024-02-17 15:11:12 +00:00
Colin
a1470956a5 programs: gdisk: sandbox 2024-02-17 14:57:33 +00:00
Colin
556c20bc04 programs: vulkan-tools: sandbox 2024-02-17 14:53:22 +00:00
Colin
cf5f58dda6 programs: nmap: sandbox 2024-02-17 14:51:26 +00:00
Colin
bbf7aac062 programs: gnome-frog: sandbox 2024-02-17 14:40:42 +00:00
Colin
7d1fd2f30a programs: nvme-cli: sandbox 2024-02-17 14:40:29 +00:00
Colin
472987f164 programs: gimp: fix sandboxing failure 2024-02-17 13:43:35 +00:00
Colin
784c2145f3 programs: iputils: sandbox 2024-02-17 03:33:05 +00:00
Colin
0000afb315 programs: make nixosBuiltins package set more precise 2024-02-17 03:08:14 +00:00
Colin
31fa21bd20 programs: host/iproute2/iw/nettools/wirelesstools: sandbox 2024-02-17 03:05:58 +00:00
Colin
9510817604 programs: document nixosBuiltins programs 2024-02-17 02:40:28 +00:00
Colin
4a84de3ee4 programs: inetutils/iptables: sandbox 2024-02-17 02:32:57 +00:00
Colin
ab42a4cc5a programs: qemu: disable sandbox 2024-02-17 01:43:58 +00:00
Colin
f6537b083a programs: discord: add dbus to sandbox 2024-02-17 01:42:22 +00:00
Colin
1b4306e649 programs: switch bridge-utils, btrfs-progs from landlock -> bwrap 
landlock can't isolate net yet, so bwrap gives better sandboxing
 2024-02-16 15:32:41 +00:00
Colin
af8a8358bd programs: hdparm: sandbox 2024-02-16 15:32:41 +00:00
Colin
464c6c56c5 programs: btrfs-progs: sandbox 2024-02-16 15:32:41 +00:00
Colin
8e314e8b73 programs: bridge-utils: sandbox 2024-02-16 15:32:41 +00:00
Colin
198029f95f programs: netcat: sandbox 2024-02-16 15:32:41 +00:00
Colin
1d646459ab programs: pulsemixer: sandbox 2024-02-16 15:32:41 +00:00
Colin
8f3bab3636 programs: sort 2024-02-16 15:32:41 +00:00