Firejail: Difference between revisions
imported>Onny Init page |
imported>Onny Add usage examples |
||
Line 5: | Line 5: | ||
Add following line to your system configuration to install Firejail globally | Add following line to your system configuration to install Firejail globally | ||
<syntaxhighlight lang="nix> | <syntaxhighlight lang="nix"> | ||
environment.systemPackages = with pkgs; [ firejail ]; | environment.systemPackages = with pkgs; [ firejail ]; | ||
</syntaxhighlight> | |||
== Usage == | |||
To start an application in a sandboxed enviroment use Firejail like this | |||
<syntaxhighlight lang="bash"> | |||
firejail bash | |||
</syntaxhighlight> | |||
For a graphical application like [[Firefox]] web browser, it is recommended to also use a profile | |||
<syntaxhighlight lang="bash"> | |||
firejail --profile=$(nix --extra-experimental-features nix-command --extra-experimental-features flakes eval -f '<nixpkgs>' --raw 'firejail')/etc/firejail/firefox.profile firefox | |||
</syntaxhighlight> | </syntaxhighlight> | ||
[[Category:Applications]] | [[Category:Applications]] | ||
[[Category:Security]] | [[Category:Security]] |