nix-files

History

Colin 8029744c90 modules/programs: don't expose all of /run/secrets/home to every program this was actually causing a lot of bwrap errors because that directory's not user-readable turns out any program which already uses programs.xyz.secrets gets the /run/secrets mounts for free via symlink following		2024-03-02 18:51:39 +00:00
..
default.nix	modules/programs: don't expose all of /run/secrets/home to every program	2024-03-02 18:51:39 +00:00
make-sandbox-profile.nix	modules/programs: rename allowedRootPaths -> allowedPaths	2024-02-12 13:00:10 +00:00
make-sandboxed.nix	make-sandboxed: generalize runCommand patch to handle any derivation, called with or without callPackage	2024-03-02 07:11:45 +00:00
sane-sandboxed	sane-sandboxed: add new `--sane-sandbox-keep-namespace all` option	2024-03-01 20:48:56 +00:00
sane-sandboxed.nix	modules/programs: sane-sandboxed: optimize "normPath" to not invoke subshells	2024-02-18 12:08:23 +00:00