diff options
author | Christoph Cullmann <cullmann@kde.org> | 2023-01-23 00:45:35 +0100 |
---|---|---|
committer | Christoph Cullmann <cullmann@kde.org> | 2023-01-23 00:45:35 +0100 |
commit | 00cce2a533ec697ce5b135ac56e413d8e3a500d8 (patch) | |
tree | 07cd3fbe324b5ab8d123df4e35f8790601cecdf3 | |
parent | 92578db256d84b91c84645d1a295f851d9b2b624 (diff) |
try to firejail stuff
-rw-r--r-- | common.nix | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -208,8 +208,10 @@ in aspellDicts.en borgbackup bpytop + chromium clamav evtest # needs root permissions to run + firefox gitFull hunspellDicts.de_DE hunspellDicts.en_US @@ -341,6 +343,17 @@ in Defaults lecture = never ''; + # enable firejail + programs.firejail.enable = true; + + # firejail some stuff globally + programs.firejail.wrappedBinaries = { + firefox = { + executable = "${pkgs.lib.getBin pkgs.firefox}/bin/firefox"; + profile = "${pkgs.firejail}/etc/firejail/firefox.profile"; + }; + }; + ### ### per user configuration below ### @@ -408,13 +421,11 @@ in home.packages = with pkgs; [ alacritty ark - chromium emacs falkon fdupes ffmpeg file - firefox #gimp-with-plugins gnome.gedit go |