From 00cce2a533ec697ce5b135ac56e413d8e3a500d8 Mon Sep 17 00:00:00 2001 From: Christoph Cullmann Date: Mon, 23 Jan 2023 00:45:35 +0100 Subject: [PATCH] try to firejail stuff --- common.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/common.nix b/common.nix index 399bf65..ef40520 100644 --- a/common.nix +++ b/common.nix @@ -208,8 +208,10 @@ in aspellDicts.en borgbackup bpytop + chromium clamav evtest # needs root permissions to run + firefox gitFull hunspellDicts.de_DE hunspellDicts.en_US @@ -341,6 +343,17 @@ in Defaults lecture = never ''; + # enable firejail + programs.firejail.enable = true; + + # firejail some stuff globally + programs.firejail.wrappedBinaries = { + firefox = { + executable = "${pkgs.lib.getBin pkgs.firefox}/bin/firefox"; + profile = "${pkgs.firejail}/etc/firejail/firefox.profile"; + }; + }; + ### ### per user configuration below ### @@ -408,13 +421,11 @@ in home.packages = with pkgs; [ alacritty ark - chromium emacs falkon fdupes ffmpeg file - firefox #gimp-with-plugins gnome.gedit go