firejail: Fix resolve binary paths in user environment

1 files changed, 7 insertions, 0 deletions

diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix
index c3dc819b5bc..3caf41cfca5 100644
--- a/pkgs/os-specific/linux/firejail/default.nix
+++ b/pkgs/os-specific/linux/firejail/default.nix
@@ -37,9 +37,16 @@ stdenv.mkDerivation rec {
     # Adds the /nix directory when using an overlay.
     # Required to run any programs under this mode.
     ./mount-nix-dir-on-overlay.patch
+
     # By default fbuilder hardcodes the firejail binary to the install path.
     # On NixOS the firejail binary is a setuid wrapper available in $PATH.
     ./fbuilder-call-firejail-on-path.patch
+
+    # NixOS specific whitelist to resolve binary paths in user environment
+    # Fixes https://github.com/NixOS/nixpkgs/issues/170784
+    # Upstream fix https://github.com/netblue30/firejail/pull/5131
+    # Upstream hopefully fixed in later versions > 0.9.68
+   ./whitelist-nix-profile.patch
   ];
 
   prePatch = ''