diff options
Diffstat (limited to 'corepkgs/buildenv.nix')
-rw-r--r-- | corepkgs/buildenv.nix | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/corepkgs/buildenv.nix b/corepkgs/buildenv.nix index 5bf7b4e56042..ab1ce13f2cf6 100644 --- a/corepkgs/buildenv.nix +++ b/corepkgs/buildenv.nix @@ -23,5 +23,20 @@ derivation { # network traffic, so don't do that. preferLocalBuild = true; + __sandboxProfile = '' + (allow sysctl-read) + (allow file-read* + (literal "/usr/lib/libSystem.dylib") + (literal "/usr/lib/libSystem.B.dylib") + (literal "/usr/lib/libobjc.A.dylib") + (literal "/usr/lib/libobjc.dylib") + (literal "/usr/lib/libauto.dylib") + (literal "/usr/lib/libc++abi.dylib") + (literal "/usr/lib/libc++.1.dylib") + (literal "/usr/lib/libDiagnosticMessagesClient.dylib") + (subpath "/usr/lib/system") + (subpath "/dev")) + ''; + inherit chrootDeps; } |