Diffstat (limited to 'pkgs/os-specific/linux/firejail/default.nix')
-rw-r--r--pkgs/os-specific/linux/firejail/default.nix13
1 files changed, 13 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix
index c3dc819b5bcff..bbb3a1daab698 100644
--- a/pkgs/os-specific/linux/firejail/default.nix
+++ b/pkgs/os-specific/linux/firejail/default.nix
@@ -37,9 +37,22 @@ stdenv.mkDerivation rec {
     # Adds the /nix directory when using an overlay.
     # Required to run any programs under this mode.
     ./mount-nix-dir-on-overlay.patch
+
     # By default fbuilder hardcodes the firejail binary to the install path.
     # On NixOS the firejail binary is a setuid wrapper available in $PATH.
     ./fbuilder-call-firejail-on-path.patch
+
+    # NixOS specific whitelist to resolve binary paths in user environment
+    # Fixes https://github.com/NixOS/nixpkgs/issues/170784
+    # Upstream fix https://github.com/netblue30/firejail/pull/5131
+    # Upstream hopefully fixed in later versions > 0.9.68
+   ./whitelist-nix-profile.patch
+
+    # Fix OpenGL support for various applications including Firefox
+    # Issue: https://github.com/NixOS/nixpkgs/issues/55191
+    # Upstream fix: https://github.com/netblue30/firejail/pull/5132
+    # Hopefully fixed upstream in version > 0.9.68
+    ./fix-opengl-support.patch
   ];
 
   prePatch = ''
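Review bot: The `./whitelist-nix-profile.patch` entry is indented with three spaces while every other entry in the `patches` list uses four, so it should be realigned to `    ./whitelist-nix-profile.patch`. Both new comments say the fix is "hopefully" upstream after 0.9.68 but give no removal condition; a line such as `# TODO: drop once firejail > 0.9.68 is packaged and the upstream PR is confirmed merged` would make the next version bump check it. Because firejail is installed as a setuid wrapper and both patches appear to widen what the sandbox exposes (profile paths and OpenGL-related files), the comments should also name the paths each patch adds; the patch contents are not part of this diff, so that cannot be checked here. The enclosing `stdenv.mkDerivation rec {` block starts and ends outside the hunk.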