pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -1143,6 +1143,16 @@
 		errExit("mounting /dev");
 	fs_logger("whitelist /dev");
 
+	// mount-bind /nix
+	if (arg_debug)
+		printf("Mounting /nix\n");
+	char *nix;
+	if (asprintf(&nix, "%s/nix", oroot) == -1)
+		errExit("asprintf");
+	if (mount("/nix", nix, NULL, MS_BIND|MS_REC, NULL) < 0)
+		errExit("mounting /nix");
+	fs_logger("whitelist /nix");
+
 	// mount-bind run directory
 	if (arg_debug)
 		printf("Mounting /run\n");
@@ -1201,6 +1211,7 @@
 	free(odiff);
 	free(owork);
 	free(dev);
+	free(nix);
 	free(run);
 	free(tmp);
 }