summary refs log tree commit diff
diff options
context:
space:
mode:
authoredef <edef@unfathomable.blue>2022-06-12 09:33:18 +0000
committeredef <edef@unfathomable.blue>2022-06-12 09:33:18 +0000
commite0c4b694b53da86e520dfd5755b484a9b60c2878 (patch)
treee78b00995563346765ffbdb0e8ea29f1286e94c4
parente1ec1dfd6aa4f88377dafcd18c5ecc728e2dc74a (diff)
downloadunf-legacy-e0c4b694b53da86e520dfd5755b484a9b60c2878.tar.zst
ripple/shell.nix: provide a wrapper for SUID fusermount(1)
fusermount(1) gets shadowed by pkgs.fuse, but we actually need the
SUID-root one in the system PATH. This adds a wrapper script that
hunts down a SUID-root binary from PATH.

Change-Id: Icc5c6789d7b74bf8f6e3c50529333eb6b894527f
-rw-r--r--ripple/shell.nix20
1 files changed, 19 insertions, 1 deletions
diff --git a/ripple/shell.nix b/ripple/shell.nix
index cc9c44e..ce621fa 100644
--- a/ripple/shell.nix
+++ b/ripple/shell.nix
@@ -4,7 +4,21 @@
 
 with import ./nix;
 
-let inherit (gcc) cc; in
+let
+  inherit (gcc) cc;
+  # workaround for fusermount(1) getting shadowed by pkgs.fuse
+  # fusermount needs to be SUID-root to work, so nothing we can supply will suffice
+  # we have to pull it from the system environment instead
+  # NOTE: this has to go *before* pkgs.fuse in PATH
+  fusermount = writeShellScriptBin "fusermount" ''
+    IFS=:
+    for p in $PATH; do
+      [ -u "$p/fusermount" ] && exec "$p/fusermount" "$@"
+    done
+    echo cannot find SUID fusermount >&2
+    exit 1
+  '';
+in
 
 mkShell {
   packages = [
@@ -31,4 +45,8 @@ mkShell {
   PROTOC = "protoc";
 
   MINITRACE_CC1 = "${cc}/libexec/gcc/x86_64-unknown-linux-gnu/${cc.version}/cc1";
+
+  shellHook = ''
+    export PATH=${fusermount}/bin:$PATH
+  '';
 }