JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

singularity: update module to correctly wrap suid binary

Browse Source
This commit is contained in:
Justin Bedo 2018-11-23 15:59:02 +11:00
parent 5611397f33
commit 3bab170088
No known key found for this signature in database
GPG Key ID: 2C18202C56C182BD
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/modules/programs/singularity.nix
View File

@ -3,13 +3,20 @@
with lib;
let
cfg = config.programs.singularity;
singularity = pkgs.singularity.overrideAttrs (attrs : {
installPhase = attrs.installPhase + ''
mv $out/libexec/singularity/bin/starter-suid $out/libexec/singularity/bin/starter-suid.orig
ln -s /run/wrappers/bin/singularity-suid $out/libexec/singularity/bin/starter-suid
'';
});
in {
options.programs.singularity = {
enable = mkEnableOption "Singularity";
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.singularity ];
environment.systemPackages = [ singularity ];
security.wrappers.singularity-suid.source = "${singularity}/libexec/singularity/bin/starter-suid.orig";
systemd.tmpfiles.rules = [ "d /var/singularity/mnt/session 0770 root root -"
"d /var/singularity/mnt/final 0770 root root -"
"d /var/singularity/mnt/overlay 0770 root root -"