Wrap the binaries in firejail and place them in the global path.
Declarations
Type
attribute set of (path or (submodule))Default
{ }Example
{
firefox = {
executable = "${lib.getBin pkgs.firefox}/bin/firefox";
profile = "${pkgs.firejail}/etc/firejail/firefox.profile";
};
mpv = {
executable = "${lib.getBin pkgs.mpv}/bin/mpv";
profile = "${pkgs.firejail}/etc/firejail/mpv.profile";
};
}