]> git.rmz.io Git - dotfiles.git/blobdiff - mkosi/kodi/mkosi.nspawn
repos / dotfiles.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
mkosi/kodi: cleanup Capability and SystemCallFilter
[dotfiles.git] / mkosi / kodi / mkosi.nspawn
diff --git a/mkosi/kodi/mkosi.nspawn b/mkosi/kodi/mkosi.nspawn
index 6c87173f5a36b19f25dde32ab292527f765caf2f..61bb674d7a8103d4f432b91db449076361493387 100644 (file)
--- a/mkosi/kodi/mkosi.nspawn
+++ b/mkosi/kodi/mkosi.nspawn
@@ -1,18 +1,26 @@
 [Exec]
 PrivateUsers=no
-Capability=all
-SystemCallFilter=@default @raw-io @system-service @known
 
 [Files]
 # binds host kodi home folder into nspawn
 Bind=/var/lib/kodi
 
+# media
+Bind=/mnt/fook/Movies
+Bind=/mnt/fook/Series
+Bind=/mnt/fook/games
+Bind=/mnt/fook/usenet
+Bind=/mnt/fook/torrents
+
 # device access
 Bind=/dev/tty0
 Bind=/dev/tty1
 BindReadOnly=/dev/bus/usb
 BindReadOnly=/dev/dri
 BindReadOnly=/dev/input
+BindReadOnly=/dev/uinput
+# libinput reads this to know about devices
+BindReadOnly=/run/udev
 BindReadOnly=/dev/lirc0
 BindReadOnly=/dev/vga_arbiter
 BindReadOnly=/lib/modules
My dotfiles