nydragon/nix-da
1
Fork 0
Code Issues Pull requests Activity Actions 1

fix: remove proc protection from nysh

Browse source
This commit is contained in:
Nydragon 2024-11-01 17:33:13 +01:00
parent 8a12640d36
commit c75cc0752a
Signed by: nydragon
SSH key fingerprint: SHA256:WcjW5NJPQ8Dx4uQDmoIlVPLWE27Od3fxoe0IUvuoPHE
4 changed files with 1 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
home/graphical/default.nix
View file

@ -3,7 +3,6 @@
./firefox ./firefox
./thunderbird ./thunderbird
./vscode ./vscode
./lollypop
./fuzzel.nix ./fuzzel.nix
./gammastep.nix # default because I need to protect my peepers ./gammastep.nix # default because I need to protect my peepers
./swww.nix ./swww.nix

1
home/graphical/fuzzel.nix
View file

@ -26,5 +26,4 @@
}; };
}; };
}; };
} }

2
options/media.nix
View file

@ -85,10 +85,10 @@ in
"video/*" = cfg.ebook.default; "video/*" = cfg.ebook.default;
"image/*" = cfg.image.default; "image/*" = cfg.image.default;
"audio/*" = cfg.audio.default; "audio/*" = cfg.audio.default;
"audio/mpeg" = cfg.audio.default;
# Ebooks sadly don't have a singular major type. # Ebooks sadly don't have a singular major type.
"application/epub+zip" = cfg.ebook.default; "application/epub+zip" = cfg.ebook.default;
}; };
}; };
}; };
} }

1
options/services/nysh.nix
View file

@ -36,7 +36,6 @@ in
PrivateMounts = true; PrivateMounts = true;
ProtectHostname = true; ProtectHostname = true;
ProtectKernelTunables = true; ProtectKernelTunables = true;
ProtectProc = true;
PrivateTmp = true; PrivateTmp = true;
IPAddressDeny = "any"; IPAddressDeny = "any";
}; };