[Nix-dev] setuid wrappers (fuse/sshfs)

Mathijs Kwik mathijs at bluescreen303.nl
Tue Jan 3 23:53:07 CET 2012


ok, works now.
had to explicitly mention fuse itself too (not just sshfsFuse)

I noticed setuid-wrappers.nix contained cdrdao, wodim and growisofs,
all cd/dvd burning tools.
Is there a reason for this? on Arch they aren't.
it seems udev + consolekit take care of setting an RW acl on /dev/sr0
for the user that's logged in/active on the console. Furthermore,
group "cdrom" has write access to that device.

Is this just a historical leftover?

Thanks,
Mathijs

On Tue, Jan 3, 2012 at 11:41 AM, Eelco Dolstra <e.dolstra at tudelft.nl> wrote:
> Hi,
>
> On 03/01/12 09:45, Mathijs Kwik wrote:
>
>> I like to put every package I use in configuration.nix in
>> environment.systemPackages.
>> User-specific packages are all in ~/.nixpkgs/config.nix
>> So basically. I don't use nix-env --install for separate packages,
>> hence the default profile is empty.
>> However, I wanted to use sshfs-fuse. Fuse has a setuid-wrapper for 'fusermount'.
>> I tried it in my user-specific config.nix first, which didn't work.
>
> I also have fuse and sshfs in environment.systemPackages so this should work.
>
> What's the contents of /var/setuid-wrappers/fusermount.real?  It should be
> something like /nix/store/...-system-path/bin/fusermount.  If it's
> /nix/var/nix/profiles/default/bin/fusermount, then fusermount couldn't be found
> in the system path so the setuid wrapper generator fell back to using the system
> profile.  (See /etc/nixos/nixos/modules/security/setuid-wrappers.nix.)
>
> --
> Eelco Dolstra | http://www.st.ewi.tudelft.nl/~dolstra/
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev


More information about the nix-dev mailing list