From 7f0a978e862d1cf89133d0392828d8a811156219 Mon Sep 17 00:00:00 2001
From: Kyle Isom
Date: Thu, 26 Mar 2026 14:34:50 -0700
Subject: [PATCH] Relax mcp-agent sandbox for rootless podman compatibility
---
 configs/mcp.nix | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/configs/mcp.nix b/configs/mcp.nix
index 7c3beee..543dbaa 100644
--- a/configs/mcp.nix
+++ b/configs/mcp.nix
@@ -42,22 +42,16 @@ in
 ];

 NoNewPrivileges = true;
- ProtectSystem = "strict";
+ ProtectSystem = "full"; # "strict" blocks /run/user; "full" protects /usr and /boot
 ProtectHome = true;
 PrivateTmp = true;
 PrivateDevices = true;
 ProtectKernelTunables = true;
 ProtectKernelModules = true;
- ProtectControlGroups = true;
 RestrictSUIDSGID = true;
- RestrictNamespaces = true;
 LockPersonality = true;
- MemoryDenyWriteExecute = true;
 RestrictRealtime = true;
- ReadWritePaths = [
- "/srv"
- "/run/user/${toString mcpUid}"
- ];
+ ReadWritePaths = [ "/srv" ];
 };
 };
 }
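Review bot: The comment on the new `ProtectSystem = "full";` line blames "strict" for the `/run/user` problem, but the retained `ProtectHome = true;` is the setting systemd documents as making `/run/user` inaccessible, and the removed `ReadWritePaths` already listed `/run/user/${toString mcpUid}`, so the downgrade may not be what podman needs. Under "full" only `/usr`, `/boot`, `/efi` and `/etc` stay read-only (the comment omits `/etc`), so `/var` and the rest of `/run` become writable to the unit and `ReadWritePaths = [ "/srv" ];` no longer narrows anything; keeping "strict" and listing the specific paths podman writes to would be tighter. The hunk also drops `ProtectControlGroups`, `RestrictNamespaces` and `MemoryDenyWriteExecute` with no record of why, and a comment such as `# relaxed for rootless podman: RestrictNamespaces (user namespaces), ProtectControlGroups (<reason>), MemoryDenyWriteExecute (<reason>)` would let a later reader tell required relaxations from incidental ones. `RestrictNamespaces` also accepts a list of permitted namespace types, which may be enough here instead of removing the restriction outright. The enclosing attribute set starts outside the hunk.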