diff options
| author | Symphorien Gibol <symphorien+git@xlumurb.eu> | 2021-04-15 21:21:50 +0200 |
|---|---|---|
| committer | Symphorien Gibol <symphorien+git@xlumurb.eu> | 2021-04-17 21:51:40 +0200 |
| commit | fbb8dbdac682296e6435e73c7568b3363f6eb0af (patch) | |
| tree | ba6bc93795f402114701618492e555bcf879763b /pkgs/os-specific/linux/fuse | |
| parent | e019872af81e4013fd518fcacfba74b1de21a50e (diff) | |
| download | nixpkgs-fbb8dbdac682296e6435e73c7568b3363f6eb0af.tar nixpkgs-fbb8dbdac682296e6435e73c7568b3363f6eb0af.tar.gz nixpkgs-fbb8dbdac682296e6435e73c7568b3363f6eb0af.tar.bz2 nixpkgs-fbb8dbdac682296e6435e73c7568b3363f6eb0af.tar.lz nixpkgs-fbb8dbdac682296e6435e73c7568b3363f6eb0af.tar.xz nixpkgs-fbb8dbdac682296e6435e73c7568b3363f6eb0af.tar.zst nixpkgs-fbb8dbdac682296e6435e73c7568b3363f6eb0af.zip | |
fuse: fix mount.fuse -o setuid=...
when mounting a fuse fs by fstab on can write: /nix/store/sdlflj/bin/somefuseexe#argument /mountpoint fuse setuid=someuser mount is run by root, and setuid is a way to tell mount.fuse to run somefuseexe as someuser instead. Under the hood, mount.fuse uses su. The problem is that mount is run by systemd in a seemingly very empty environment not containing /run/current-system/sw/bin nor /run/wrappers/bin in $PATH, so mount fails with "su command not found". We now patch the command to run su with an absolute path. man mount.fuse3 indicates that this option is reserved to root (or with enough capabilities) so not using /run/wrappers/bin/su is thus correct. It has the very small advantage of possibly working on non nixos.
Diffstat (limited to 'pkgs/os-specific/linux/fuse')
| -rw-r--r-- | pkgs/os-specific/linux/fuse/common.nix | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/pkgs/os-specific/linux/fuse/common.nix b/pkgs/os-specific/linux/fuse/common.nix index 053ea34c82e..cb4412609ff 100644 --- a/pkgs/os-specific/linux/fuse/common.nix +++ b/pkgs/os-specific/linux/fuse/common.nix @@ -1,7 +1,7 @@ { version, sha256Hash }: { lib, stdenv, fetchFromGitHub, fetchpatch -, fusePackages, util-linux, gettext +, fusePackages, util-linux, gettext, shadow , meson, ninja, pkg-config , autoreconfHook , python3Packages, which @@ -54,13 +54,14 @@ in stdenv.mkDerivation rec { # $PATH, so it should also work on non-NixOS systems. export NIX_CFLAGS_COMPILE="-DFUSERMOUNT_DIR=\"/run/wrappers/bin\"" - sed -e 's@/bin/@${util-linux}/bin/@g' -i lib/mount_util.c + substituteInPlace lib/mount_util.c --replace "/bin/" "${util-linux}/bin/" '' + (if isFuse3 then '' # The configure phase will delete these files (temporary workaround for # ./fuse3-install_man.patch) install -D -m444 doc/fusermount3.1 $out/share/man/man1/fusermount3.1 install -D -m444 doc/mount.fuse3.8 $out/share/man/man8/mount.fuse3.8 '' else '' + substituteInPlace util/mount.fuse.c --replace '"su"' '"${shadow.su}/bin/su"' sed -e 's@CONFIG_RPATH=/usr/share/gettext/config.rpath@CONFIG_RPATH=${gettext}/share/gettext/config.rpath@' -i makeconf.sh ./makeconf.sh ''); |