|
f785ccd351
|
programs: sane-reclaim-disk-space: sandbox
|
2024-02-19 17:06:22 +00:00 |
|
|
48744dcaaa
|
programs: sane-ip-reconnect: remove (unused)
|
2024-02-19 17:05:27 +00:00 |
|
|
9373864b60
|
programs: sane-git-init: remove (unused)
|
2024-02-19 16:53:59 +00:00 |
|
|
c16c9dfe0b
|
programs: sandbox a bunch of sane scripts
|
2024-02-19 16:51:53 +00:00 |
|
|
2d17826731
|
programs: eza: sandbox with bwrap instead of landlock
|
2024-02-19 15:32:40 +00:00 |
|
|
de297f22be
|
programs: split sane-scripts out of assorted.nix
|
2024-02-19 14:19:10 +00:00 |
|
|
4b47b76461
|
programs: sfeed: sandbox
|
2024-02-19 14:14:59 +00:00 |
|
|
3effd59c9b
|
xdg-desktop-portal-{gtk,wlr}: start via service manager, with ordered deps, instead of letting dbus activate it for us
that gets more reliable environment importing, etc
|
2024-02-19 13:44:23 +00:00 |
|
|
44647e0d36
|
programs: forkstat: sandbox
|
2024-02-19 13:15:15 +00:00 |
|
|
da1053d635
|
programs: configure auto-launching programs to only start *after* graphical-session.target
this ensures they really have their environment
|
2024-02-19 12:58:08 +00:00 |
|
|
8886177c23
|
xdg-desktop-portal: fix it to find all the portal configs again
maybe i broke this when i simplified XDG_CONFIG_DIRS? not sure
|
2024-02-19 12:58:08 +00:00 |
|
|
35b4cc779f
|
megapixels: switch to bwrap, to support Loupe image viewer
|
2024-02-18 18:46:37 +00:00 |
|
|
c7d111a318
|
megapixels: 1.7.0 -> 1.8.0
|
2024-02-18 18:27:47 +00:00 |
|
|
7e5eb6324d
|
megapixels: sandbox
it's iffy... 1.8.0 is released, which can be sandboxed w/o sys/dev/char or ~/.local/share/applications, but seems to be even flakier
|
2024-02-18 17:44:49 +00:00 |
|
|
55c305812d
|
WIP: megapixels: sandbox
|
2024-02-18 13:53:18 +00:00 |
|
|
67395bdcd3
|
programs: ship forkstat
|
2024-02-18 11:58:30 +00:00 |
|
|
a591be98d4
|
programs: portfolio-filemanager: sandbox
|
2024-02-18 07:07:29 +00:00 |
|
|
82e028e37d
|
programs: nautilus: assign a mime priority
|
2024-02-18 07:07:29 +00:00 |
|
|
7f7543ee78
|
programs: planify: sandbox
|
2024-02-18 07:07:29 +00:00 |
|
|
8d0e3e0db3
|
programs: notejot: sandbox
|
2024-02-18 07:07:29 +00:00 |
|
|
bf352d184c
|
programs: tangram: sandbox
|
2024-02-18 07:07:29 +00:00 |
|
|
81a6600f54
|
programs: xarchiver: sandbox
|
2024-02-18 07:07:29 +00:00 |
|
|
536f0aedc3
|
open-in-mpv: remove my patch which has been upstreamed, previously required to use xdg-open
|
2024-02-18 04:52:27 +00:00 |
|
|
98aafead94
|
programs: wob: add missing "coreutils" dep
it *should* be acquired via user's PATH, but wob-pulse can start before sway imports PATH to systemd
|
2024-02-17 16:38:22 +00:00 |
|
|
f8663cd827
|
programs: monero-gui: sandbox
|
2024-02-17 16:06:58 +00:00 |
|
|
af1ee1734d
|
programs: wireguard-tools: sandbox
|
2024-02-17 15:54:16 +00:00 |
|
|
5375cab716
|
programs: ntfy-sh: sandbox
|
2024-02-17 15:47:47 +00:00 |
|
|
162b3f5674
|
imagemagick: don't add 'ghostscript' package to path
|
2024-02-17 15:45:50 +00:00 |
|
|
a729f91d21
|
programs: jq: add working sandbox criteria, but don't enable yet
i need to handle the extremely common `cat foo | jq .` without adding
`.` to the sandbox
|
2024-02-17 15:36:41 +00:00 |
|
|
a273b559e2
|
programs: gnome-disk-utility: sandbox
|
2024-02-17 15:36:28 +00:00 |
|
|
785b375671
|
programs: smartmontools (smartctl): sandbox
|
2024-02-17 15:36:13 +00:00 |
|
|
24cba0c856
|
programs: xq: remove
|
2024-02-17 15:30:23 +00:00 |
|
|
df1db5d01c
|
programs: sox: sandbox
|
2024-02-17 15:27:22 +00:00 |
|
|
6749b64bca
|
programs: nautilus: add mounted media to the sandbox
|
2024-02-17 15:26:49 +00:00 |
|
|
d3e4bdfcd5
|
programs: gdisk: fix sandboxing
|
2024-02-17 15:26:16 +00:00 |
|
|
799cd4373f
|
programs: socat: disable
|
2024-02-17 15:11:12 +00:00 |
|
|
2efa6d1e27
|
programs: mepo: sandbox
|
2024-02-17 15:08:21 +00:00 |
|
|
a1470956a5
|
programs: gdisk: sandbox
|
2024-02-17 14:57:33 +00:00 |
|
|
556c20bc04
|
programs: vulkan-tools: sandbox
|
2024-02-17 14:53:22 +00:00 |
|
|
cf5f58dda6
|
programs: nmap: sandbox
|
2024-02-17 14:51:26 +00:00 |
|
|
6f8c299c69
|
programs: xdg-desktop-portal: log more
|
2024-02-17 14:40:56 +00:00 |
|
|
bbf7aac062
|
programs: gnome-frog: sandbox
|
2024-02-17 14:40:42 +00:00 |
|
|
7d1fd2f30a
|
programs: nvme-cli: sandbox
|
2024-02-17 14:40:29 +00:00 |
|
|
472987f164
|
programs: gimp: fix sandboxing failure
|
2024-02-17 13:43:35 +00:00 |
|
|
784c2145f3
|
programs: iputils: sandbox
|
2024-02-17 03:33:05 +00:00 |
|
|
0000afb315
|
programs: make nixosBuiltins package set more precise
|
2024-02-17 03:08:14 +00:00 |
|
|
31fa21bd20
|
programs: host/iproute2/iw/nettools/wirelesstools: sandbox
|
2024-02-17 03:05:58 +00:00 |
|
|
9510817604
|
programs: document nixosBuiltins programs
|
2024-02-17 02:40:28 +00:00 |
|
|
4a84de3ee4
|
programs: inetutils/iptables: sandbox
|
2024-02-17 02:32:57 +00:00 |
|
|
ab42a4cc5a
|
programs: qemu: disable sandbox
|
2024-02-17 01:43:58 +00:00 |
|