guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anyone working on packaging Firejail?


From: Ludovic Courtès
Subject: Re: Anyone working on packaging Firejail?
Date: Fri, 21 Dec 2018 21:56:58 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)

Hi Eric,

Eric Bavier <address@hidden> skribis:

> On Thu, 20 Dec 2018 11:19:07 -0500

[...]

>> > Run icecat, a browser, in a container with
>> >
>> >     guix environment --container --network --share=/tmp/.X11-unix
>> > --ad-hoc icecat
>> >     export DISPLAY=":0.0"
>> >     icecat  
>> 
>> Is there a way to do this automatically?  ie:  you don't have to type
>> guix environment --container .... icecat?  You just type "icecat?"
>
> That is the major advantage Firejail has over 'guix environment
> --container' currently.  It contains a large collection of "profiles"
> for different applications, specifying how exactly to jail them so that
> they can still function.

We also discussed “guix run icecat” as a simpler option:

  https://lists.gnu.org/archive/html/help-guix/2018-01/msg00108.html

‘guix run’ can guess parts of the profile, like whether the application
needs X11 or Fontconfig stuff, just by looking at the references of the
application.  That said, I’m curious to see what the Firejail profiles
look like and to what extent we’d need to manually annotate packages if
we were to provide similar functionality.

Firejail looks nice!

Ludo’.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]