nix-files

Author	SHA1	Message	Date
Colin	cbe6072c03	polyunfill: remove policykit suid wrappers	2024-05-28 05:24:37 +00:00
Colin	bea1fd95e5	polyunfill: disable dbus-daemon-launch-helper suid wrapper	2024-05-28 05:14:06 +00:00
Colin	ae544c0649	polyunfill: disable mount/umount suid wrappers	2024-05-28 05:02:26 +00:00
Colin	b571f70988	polyunfill: remove fusermount suid wrapper	2024-05-28 04:56:14 +00:00
Colin	3a045f4d88	doc: polyunfill: point to https://github.com/NixOS/nixpkgs/pull/314791	2024-05-26 08:00:18 +00:00
Colin	57d6a9a4c3	polyunfill: simplify pam hacks	2024-05-26 07:04:12 +00:00
Colin	2ee39ca0cc	poly_unfill: remove /run/wrappers/bin/unix_chkpwd non-privileged users don't need to check passwords well, maybe they do (for desktop unlockers), but i've already solved that :)	2024-05-26 06:37:59 +00:00
Colin	9d9211c5fa	polyunfill: distribute /run/wrappers/bin/unix_chkpwd without suid bit	2024-05-26 01:18:30 +00:00
Colin	9ce7dcd57a	/run/wrappers: remove unused newgidmap,newuidmap,newgrp binaries	2024-05-26 01:18:30 +00:00
Colin	c5e7ef7b0c	polyunfill: don't ship x86-only kernel modules to moby's initrd notably, this relaxes some constraints on the kernel so that e.g. postmarketOS kernel actually passes eval checks (and boots to ssh! no graphics yet)	2024-05-21 22:47:12 +00:00
Colin	d0734947bf	polyunfill: disable swraid	2024-05-21 22:47:12 +00:00
Colin	5205251f6f	programs: xwayland: sandbox it without exposing net access	2024-03-23 15:33:23 +00:00
Colin	294563c655	dbus: fix to only search /run/current-system/sw/share/dbus-1 for service files	2024-03-13 02:04:02 +00:00
Colin	083f743c1f	remove nixpkgs `less` defaults and manage PAGER myself this lets me avoid the lesspipe cross failures, notably	2024-02-29 15:18:51 +00:00
Colin	55a6c828f2	sway: lift portal/menu reset into polyunfill.nix	2024-02-21 22:09:53 +00:00
Colin	46de7b7e0d	move environment.defaultPackages clearing into polyunfill.nix	2024-02-20 11:54:39 +00:00
Colin	5666a05ef0	strip out a bunch of unused nixpkgs defaults	2024-02-19 06:20:13 +00:00

17 Commits