nix: expose no_new_session in module

Useful for shells and terminal programs like chat clients.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>

nixos.nix

@@ -123,6 +123,7 @@ in
                           env
                           ;
                         map_real_uid = app.mapRealUid;
+                        no_new_session = app.tty;
                         filesystem =
                           [
                             { src = "/bin"; }

options.md

@@ -36,7 +36,7 @@ package
 
 
 *Default:*
-` <derivation fortify-0.1.0> `
+` <derivation fortify-0.2.1> `
 
 
 
@@ -478,6 +478,30 @@ null or package
 
 
 
+## environment\.fortify\.apps\.\*\.tty
+
+
+
+Whether to enable allow access to the controlling terminal\.
+
+
+
+*Type:*
+boolean
+
+
+
+*Default:*
+` false `
+
+
+
+*Example:*
+` true `
+
+
+
+
 ## environment\.fortify\.apps\.\*\.userns
 
 

options.nix

@@ -133,6 +133,7 @@ in
               userns = mkEnableOption "userns within the sandbox";
               mapRealUid = mkEnableOption "mapping to fortify's real UID within the sandbox";
               dev = mkEnableOption "access to all devices within the sandbox";
+              tty = mkEnableOption "allow access to the controlling terminal";
 
               net = mkEnableOption "network access within the sandbox" // {
                 default = true;