From 4ad2f1dc617b74a147c246e3a392c2999a9bca54 Mon Sep 17 00:00:00 2001 From: h7x4 Date: Wed, 5 Nov 2025 08:43:03 +0900 Subject: [PATCH] hosts/xps16: enable apparmor for firefox --- hosts/xps16/apparmor.nix | 8 ++++++++ hosts/xps16/configuration.nix | 2 ++ 2 files changed, 10 insertions(+) create mode 100644 hosts/xps16/apparmor.nix diff --git a/hosts/xps16/apparmor.nix b/hosts/xps16/apparmor.nix new file mode 100644 index 0000000..e1b4067 --- /dev/null +++ b/hosts/xps16/apparmor.nix @@ -0,0 +1,8 @@ +{ pkgs, ... }: +{ + security.apparmor = { + enable = true; + packages = with pkgs; [ apparmor-profiles ]; + policies.firefox.path = "${pkgs.apparmor-profiles}/etc/apparmor.d/firefox"; + }; +} diff --git a/hosts/xps16/configuration.nix b/hosts/xps16/configuration.nix index bf55efd..7d732eb 100644 --- a/hosts/xps16/configuration.nix +++ b/hosts/xps16/configuration.nix @@ -3,6 +3,8 @@ imports = [ ./hardware-configuration.nix + ./apparmor.nix + ./services/btrfs.nix ./services/docker.nix ./services/fprintd.nix