[Nix-dev] How to install pmount properly?
Harald van Dijk
harald at gigawatt.nl
Thu May 14 10:26:23 CEST 2015
On 14/05/2015 10:00, Matthias Beyer wrote:
> Hi,
>
> I want to use pmount for mounting external devices - but after
> installing it, when using it, it tells me
>
> Error: this program needs to be installed suid root
>
> How to do that properly? I installed via
>
> nix-env -iA nixpkgs.pmount
Packages cannot contain setuid binaries. It would be a big security
problem if they could, as regular users are able to create and build
custom packages.
NixOS has the config.security.setuidPrograms setting, at the system
level, that lets you specify programs for which setuid wrappers should
be created. You can add pmount to this. You will also need to add pmount
to the system packages, as only system packages are considered, again
for security reasons.
See <nixos/modules/security/pam_usb.nix> for a module that uses pmount
and sets up a setuid wrapper for it. You can put it in your own
configuration the same way.
If using Nix without NixOS, then something similar should be easy to do
manually.
Cheers,
Harald van Dijk
More information about the nix-dev
mailing list