gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/esphome: fix bwrap

Browse Source
This commit is contained in:
Felix Buehler
2023-11-28 00:48:30 +01:00
parent 501680a656
commit 9f563e21ac
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/modules/services/home-automation/esphome.nix
View File

@@ -107,10 +107,10 @@ in
ProtectClock = true; ProtectClock = true;
ProtectControlGroups = true; ProtectControlGroups = true;
ProtectHome = true; ProtectHome = true;
ProtectHostname = true; ProtectHostname = false; # breaks bwrap
ProtectKernelLogs = true; ProtectKernelLogs = false; # breaks bwrap
ProtectKernelModules = true; ProtectKernelModules = true;
ProtectKernelTunables = true; ProtectKernelTunables = false; # breaks bwrap
ProtectProc = "invisible"; ProtectProc = "invisible";
ProcSubset = "all"; # Using "pid" breaks bwrap ProcSubset = "all"; # Using "pid" breaks bwrap
ProtectSystem = "strict"; ProtectSystem = "strict";