Firejail

programs.firejail.enable

Whether to enable firejail, a sandboxing tool for Linux. Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/programs/firejail.nix

programs.firejail.wrappedBinaries

Wrap the binaries in firejail and place them in the global path.

Type: attribute set of (path or (submodule))

Default

{ }

Example

{firefox = {executable = "${lib.getBin pkgs.firefox}/bin/firefox";profile = "${pkgs.firejail}/etc/firejail/firefox.profile";};mpv = {executable = "${lib.getBin pkgs.mpv}/bin/mpv";profile = "${pkgs.firejail}/etc/firejail/mpv.profile";};}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/programs/firejail.nix