mirror of
https://github.com/nix-community/home-manager
synced 2024-11-14 15:19:45 +01:00
lorri: unbreak due to too tight sandboxing
lorri needs to be able to write to /run/user/uid for the socket, to its
own cache directory ~/.cache/lorri and to the directory for gc roots.
(cherry picked from commit f06edaf18b
)
This commit is contained in:
parent
d5824a76bc
commit
7e398b3d76
1 changed files with 6 additions and 0 deletions
|
@ -52,6 +52,12 @@ in {
|
|||
PrivateTmp = true;
|
||||
ProtectSystem = "strict";
|
||||
ProtectHome = "read-only";
|
||||
ReadWritePaths = [
|
||||
# /run/user/1000 for the socket
|
||||
"%t"
|
||||
"/nix/var/nix/gcroots/per-user/%u"
|
||||
];
|
||||
CacheDirectory = [ "lorri" ];
|
||||
Restart = "on-failure";
|
||||
Environment = let
|
||||
path = with pkgs;
|
||||
|
|
Loading…
Reference in a new issue