From 5541426fd0ac91b7975dfed19801c2589336b3ca Mon Sep 17 00:00:00 2001
From: caem <me@caem.dev>
Date: Sat, 25 Jan 2025 02:53:51 +0100
Subject: [PATCH] asd

---
 overlays/nixpak/firefox.nix | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/overlays/nixpak/firefox.nix b/overlays/nixpak/firefox.nix
index 22e7c74..b95d52c 100644
--- a/overlays/nixpak/firefox.nix
+++ b/overlays/nixpak/firefox.nix
@@ -2,7 +2,7 @@
 # https://github.com/ryan4yin/nix-config/blob/7deed26cc5a3af2072b8c89a688f265607babc80/hardening/nixpaks/firefox.nix
 # https://github.com/schizofox/schizofox/blob/cdf69b2a445ff12680657a3bd44ce7c406bf2ae6/flake/modules/home-manager/default.nix
 
-{ lib, ... }: final: prev: {
+{ ... }: final: prev: {
   firefox-esr = let
     sandboxed-firefox-esr = prev.mkNixPak {
       config = { sloth, ... }: {
@@ -50,16 +50,18 @@
             (envSuffix "XDG_RUNTIME_DIR" "/pulse")
             (envSuffix "XDG_RUNTIME_DIR" "/doc")
             (envSuffix "XDG_RUNTIME_DIR" "/dconf")
-            (lib.mkLast [ "/etc/firefox/policies/policies.json" "/app/etc/firefox/policies/policies.json" ])
 
             [(sloth.mkdir (sloth.concat' sloth.xdgConfigHome "/mozilla")) (sloth.concat' sloth.homeDir "/.mozilla")]
+
+            # rw because we have to place policies.json inside
+            ["${prev.firefox-esr}/lib/firefox" "/app/etc/firefox"]
           ];
 
           bind.ro = [
+            [ "/etc/firefox/policies/policies.json" "/app/etc/firefox/policies/policies.json" ]
             "/sys/bus/pci"
             "/etc/resolv.conf"
             "/etc/localtime"
-            ["${prev.firefox-esr}/lib/firefox" "/app/etc/firefox"]
             (sloth.concat' sloth.xdgConfigHome "/dconf")
             (sloth.concat' sloth.xdgConfigHome "/gtk-2.0")
             (sloth.concat' sloth.xdgConfigHome "/gtk-3.0")