[PATCH 0/2] Find fusermount in Go executables

Open

Details

One participant

Felix Lechner

Owner: unassigned

Submitted by: Felix Lechner

Severity: normal

Felix Lechner wrote on 27 Jun 14:35 +0200

Recipients:(address . bug-guix@gnu.org)(name . Felix Lechner)(address . felix.lechner@lease-up.com)

Message-ID:cover.1719491359.git.felix.lechner@lease-up.com

Go-fuse requires the setuid version of Fusermount. Relying on PATH is not

acceptable in all situations, especially not when mounts are executed

automatically as part of PAM.

This patch is similar to this one for OpenSMTPd. [1]

[1] https://patchwise.org/71613

Felix Lechner (2):

Find fusermount in Gocryptfs.

Find fusermount in go-fuse.

gnu/packages/file-systems.scm | 7 +++++++

gnu/packages/golang.scm | 14 +++++++++++++-

2 files changed, 20 insertions(+), 1 deletion(-)

base-commit: 71c678a16aae416298a0e3fa322b425315bb7b00

2.41.0

Felix Lechner wrote on 27 Jun 15:20 +0200

[PATCH 1/2] Find fusermount in Gocryptfs.

Recipients:(address . 71795@patchwise.org)(name . Felix Lechner)(address . felix.lechner@lease-up.com)

Message-ID:0376e82ee5ce92bff727cb3f25af9afe4407b9e1.1719491359.git.felix.lechner@lease-up.com

Change-Id: I43eb135c0b2a89575174a391c047d07907b0b930

---

gnu/packages/file-systems.scm | 7 +++++++

1 file changed, 7 insertions(+)

Toggle diff (27 lines)diff --git a/gnu/packages/file-systems.scm b/gnu/packages/file-systems.scm
index fa7da35898..8edfc349c3 100644
--- a/gnu/packages/file-systems.scm
+++ b/gnu/packages/file-systems.scm
@@ -518,6 +518,11 @@ (define-public gocryptfs
       #~(modify-phases %standard-phases
           ;; after 'check phase, should maybe unmount leftover mounts as in
           ;; https://github.com/rfjakob/gocryptfs/blob/a55b3cc15a6d9bce116a90f33df4bc99d9dd6a10/test.bash#L28
+          (add-after 'unpack 'fix-paths
+            (lambda* (#:key inputs #:allow-other-keys)
+              (let* ((fusermount3 "/run/setuid-programs/fusermount3"))
+                (substitute* "src/github.com/rfjakob/gocryptfs/mount.go"
+                  (("/bin/fusermount") fusermount3)))))
           (replace 'build
             (lambda arguments
               (for-each
@@ -547,6 +552,8 @@ (define-public gocryptfs
                     go-golang-org-x-term
                     openssl
                     pkg-config))
+    (inputs (list
+             fuse))
     (home-page "https://github.com/rfjakob/gocryptfs")
     (synopsis "Encrypted overlay filesystem")
     (description
-- 
2.41.0

Felix Lechner wrote on 27 Jun 15:20 +0200

[PATCH 2/2] Find fusermount in go-fuse.

Recipients:(address . 71795@patchwise.org)(name . Felix Lechner)(address . felix.lechner@lease-up.com)

Message-ID:4631eca14554eb4ed5683cf3d5599ca47e849486.1719491359.git.felix.lechner@lease-up.com

Change-Id: I8cf7feb8c31f4ea4afec7698ab1b3d5731d7ab8e

---

gnu/packages/golang.scm | 14 +++++++++++++-

1 file changed, 13 insertions(+), 1 deletion(-)

Toggle diff (38 lines)diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index e090bc1210..d6acddbcce 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -88,6 +88,7 @@ (define-module (gnu packages golang)
   #:use-module (gnu packages golang-crypto)
   #:use-module (gnu packages golang-web)
   #:use-module (gnu packages golang-xyz)
+  #:use-module (gnu packages linux)
   #:use-module (gnu packages lua)
   #:use-module (gnu packages mail)
   #:use-module (gnu packages mp3)
@@ -1417,11 +1418,22 @@ (define-public go-github-com-hanwen-go-fuse-v2
                   "1ik0yvs9m40vxccpb0rpxc22fyqmcgyysc7w0yl9kn3jyr6qa1d5"))))
       (build-system go-build-system)
       (arguments
-       '(#:import-path "github.com/hanwen/go-fuse/v2"))
+       (list
+        #:import-path "github.com/hanwen/go-fuse/v2"
+        #:phases
+        #~(modify-phases %standard-phases
+            (add-after 'unpack 'fix-paths
+              (lambda* (#:key inputs #:allow-other-keys)
+                (let* ((fusermount3 "/run/setuid-programs/fusermount3"))
+                  (substitute* "src/github.com/hanwen/go-fuse/v2/fuse/mount_linux.go"
+                    (("bin, err := fusermountBinary[(][)]")
+                     (format #f "bin, err := ~s, nil" fusermount3)))))))))
       (native-inputs (list
                       go-golang-org-x-sys
                       go-golang-org-x-sync
                       go-github-com-kylelemons-godebug))
+      (inputs (list
+               fuse))
       (home-page "https://github.com/hanwen/go-fuse")
       (synopsis "Go bindings for FUSE filesystems")
       (description
-- 
2.41.0

Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 71795@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it

mumi current 71795

Then, you may apply the latest patchset in this issue (with sign off)

mumi am -- -s

Or, compose a reply to this issue

mumi compose

Or, send patches to this issue

mumi send-email *.patch

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date