From 4ac11a35676b58ff3df41635ae08a432e6076074 Mon Sep 17 00:00:00 2001
From: Soispha
Date: Wed, 2 Aug 2023 00:21:27 +0200
Subject: Fix(system/services/nix-sync): Remove the last access to the file system
---
 system/services/nix-sync/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/system/services/nix-sync/default.nix b/system/services/nix-sync/default.nix
index 8c466b8..11cb551 100644
--- a/system/services/nix-sync/default.nix
+++ b/system/services/nix-sync/default.nix
@@ -104,7 +104,7 @@
 LogsDirectory = "nix-sync";
 LogsDirectoryMode = "0750";
 # Proc filesystem
- ProcSubset = "all";
+ ProcSubset = "pid";
 ProtectProc = "invisible";
 # New file permissions
 UMask = "0027"; # 0640 / 0750
@@ -115,7 +115,7 @@
 NoNewPrivileges = true;
 # Sandboxing (sorted by occurrence in https://www.freedesktop.org/software/systemd/man/systemd.exec.html)
 ReadWritePaths = ["${esa (parents repo.path)}" "-${esa repoCachePath}" "-${esa cfg.cachePath}"];
- ReadOnlyPaths = ["/nix"];
+ # ReadOnlyPaths = ["/nix"];
 ProtectSystem = "strict";
 ProtectHome = true;
 PrivateTmp = true;
-- 
cgit 1.4.1
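Review bot: `ProcSubset = "pid"` in the first hunk carries no comment on what it hides, and the systemd.exec documentation warns that this setting removes kernel interfaces under /proc (for example /proc/sys and /proc/meminfo) that many programs read. Confirm that whatever this unit executes still works without them, and record the intent next to the setting, e.g. `# "pid": only /proc/<pid> entries are visible; /proc/sys, /proc/meminfo etc. are hidden`. The surrounding attribute set starts and ends outside the hunk.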
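Review bot: The commented-out `# ReadOnlyPaths = ["/nix"];` in the second hunk is left as dead configuration with no reason given, and dropping it does not reduce what the unit can reach. ReadOnlyPaths only restricts writes, and `ProtectSystem = "strict"` already mounts the hierarchy read-only, so /nix stays readable either way. Either delete the line or replace it with a comment such as `# /nix is already read-only via ProtectSystem = "strict"`. One thing to check, since `parents repo.path` is defined outside the hunk: if a ReadWritePaths entry can ever be an ancestor of /nix, the removed line may have been what kept /nix read-only inside the unit's namespace.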