13 lines
484 B
Nix
13 lines
484 B
Nix
{ pkgs, ... }:
|
|
{
|
|
sane.programs.strings = {
|
|
# binutils-unwrapped is like 80 MiB, just for this one binary;
|
|
# dynamic linking means copying the binary doesn't reduce the closure much at all compared to just symlinking it.
|
|
packageUnwrapped = pkgs.linkIntoOwnPackage pkgs.binutils-unwrapped "bin/strings";
|
|
|
|
sandbox.method = "landlock";
|
|
sandbox.wrapperType = "inplace"; # trivial package; cheaper to wrap in place
|
|
sandbox.autodetectCliPaths = "existing";
|
|
};
|
|
}
|