From fbb8dbdac682296e6435e73c7568b3363f6eb0af Mon Sep 17 00:00:00 2001
From: Symphorien Gibol <symphorien+git@xlumurb.eu>
Date: Thu, 15 Apr 2021 21:21:50 +0200
Subject: fuse: fix mount.fuse -o setuid=...

when mounting a fuse fs by fstab on can write:
/nix/store/sdlflj/bin/somefuseexe#argument /mountpoint fuse setuid=someuser

mount is run by root, and setuid is a way to tell mount.fuse to run
somefuseexe as someuser instead. Under the hood, mount.fuse uses su.
The problem is that mount is run by systemd in a seemingly very empty
environment not containing /run/current-system/sw/bin nor
/run/wrappers/bin in $PATH, so mount fails with "su command not found".

We now patch the command to run su with an absolute path.

man mount.fuse3 indicates that this option is reserved to root (or with
enough capabilities) so not using
/run/wrappers/bin/su is thus correct. It has the very small advantage of
possibly working on non nixos.
---
 pkgs/os-specific/linux/fuse/common.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'pkgs/os-specific/linux/fuse')

diff --git a/pkgs/os-specific/linux/fuse/common.nix b/pkgs/os-specific/linux/fuse/common.nix
index 053ea34c82e..cb4412609ff 100644
--- a/pkgs/os-specific/linux/fuse/common.nix
+++ b/pkgs/os-specific/linux/fuse/common.nix
@@ -1,7 +1,7 @@
 { version, sha256Hash }:
 
 { lib, stdenv, fetchFromGitHub, fetchpatch
-, fusePackages, util-linux, gettext
+, fusePackages, util-linux, gettext, shadow
 , meson, ninja, pkg-config
 , autoreconfHook
 , python3Packages, which
@@ -54,13 +54,14 @@ in stdenv.mkDerivation rec {
     # $PATH, so it should also work on non-NixOS systems.
     export NIX_CFLAGS_COMPILE="-DFUSERMOUNT_DIR=\"/run/wrappers/bin\""
 
-    sed -e 's@/bin/@${util-linux}/bin/@g' -i lib/mount_util.c
+    substituteInPlace lib/mount_util.c --replace "/bin/" "${util-linux}/bin/"
     '' + (if isFuse3 then ''
       # The configure phase will delete these files (temporary workaround for
       # ./fuse3-install_man.patch)
       install -D -m444 doc/fusermount3.1 $out/share/man/man1/fusermount3.1
       install -D -m444 doc/mount.fuse3.8 $out/share/man/man8/mount.fuse3.8
     '' else ''
+      substituteInPlace util/mount.fuse.c --replace '"su"' '"${shadow.su}/bin/su"'
       sed -e 's@CONFIG_RPATH=/usr/share/gettext/config.rpath@CONFIG_RPATH=${gettext}/share/gettext/config.rpath@' -i makeconf.sh
       ./makeconf.sh
     '');
-- 
cgit 1.4.1