Colin
539d9e45a2
they require fundamentally different sandboxing approaches. the daemon *can't* always use bwrap if it wants to run as non-root. meanwhile the CLI tools would mostly *prefer* to run under bwrap. in the long term i'll maybe upstream the systemd sandboxing into nixpkgs, where there looks to be desire for it |
||
---|---|---|
.. | ||
default.nix |