Delete lib/sandbox.nix for now

1 files changed, 0 insertions, 48 deletions

diff --git a/lib/sandbox.nix b/lib/sandbox.nix
deleted file mode 100644
index 2cdeb40938a..00000000000
--- a/lib/sandbox.nix
+++ /dev/null
@@ -1,48 +0,0 @@
-{ lib }:
-with lib.strings;
-
-/* Helpers for creating lisp S-exprs for the Apple sandbox
-
-lib.sandbox.allowFileRead [ "/usr/bin/file" ];
-  # => "(allow file-read* (literal \"/usr/bin/file\"))";
-
-lib.sandbox.allowFileRead {
-  literal = [ "/usr/bin/file" ];
-  subpath = [ "/usr/lib/system" ];
-}
-  # => "(allow file-read* (literal \"/usr/bin/file\") (subpath \"/usr/lib/system\"))"
-*/
-
-let
-
-sexp = tokens: "(" + builtins.concatStringsSep " " tokens + ")";
-generateFileList = files:
-  if builtins.isList files
-    then concatMapStringsSep " " (x: sexp [ "literal" ''"${x}"'' ]) files
-    else if builtins.isString files
-      then generateFileList [ files ]
-      else concatStringsSep " " (
-        (map (x: sexp [ "literal" ''"${x}"'' ]) (files.literal or [])) ++
-        (map (x: sexp [ "subpath" ''"${x}"'' ]) (files.subpath or []))
-      );
-applyToFiles = f: act: files: f "${act} ${generateFileList files}";
-genActions = actionName: let
-  action = feature: sexp [ actionName feature ];
-  self = {
-    "${actionName}" = action;
-    "${actionName}File" = applyToFiles action "file*";
-    "${actionName}FileRead" = applyToFiles action "file-read*";
-    "${actionName}FileReadMetadata" = applyToFiles action "file-read-metadata";
-    "${actionName}DirectoryList" = self."${actionName}FileReadMetadata";
-    "${actionName}FileWrite" = applyToFiles action "file-write*";
-    "${actionName}FileWriteMetadata" = applyToFiles action "file-write-metadata";
-  };
-  in self;
-
-in
-
-genActions "allow" // genActions "deny" // {
-  importProfile = derivation: ''
-    (import "${derivation}")
-  '';
-}