diff options
| -rw-r--r-- | system/programs.nix | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/system/programs.nix b/system/programs.nix index 483b49a..9db68d9 100644 --- a/system/programs.nix +++ b/system/programs.nix @@ -1,4 +1,19 @@ -{pkgs, ...}: { +{...}: { + # Fix firefox not being properly sandboxed and security + environment.etc."apparmor.d/firefox-local".text = '' + # This profile allows everything and only exists to give the + # application a name instead of having the label "unconfined" + abi <abi/4.0>, + include <tunables/global> + profile firefox-local + /home/mun/bin/firefox/{firefox,firefox-bin,updater} + flags=(unconfined) { + userns, + # Site-specific additions and overrides. See local/README for details. + include if exists <local/firefox> + } + ''; + programs.firefox = { enable = true; languagePacks = ["en-GB" "cs" "sk" "de"]; |