3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

70 commits

Author SHA1 Message Date
Alyssa Ross 917218e8e2 fusePackages: don't manually enableParallelBuilding
This is automatic for Meson builds.
2021-05-12 11:57:35 +00:00
Guillaume Girol 0c9ed22e64
Merge pull request #119562 from symphorien/fusermountsetuid
fuse: fix mount.fuse -o setuid=...
2021-04-30 14:26:39 +00:00
Symphorien Gibol fbb8dbdac6 fuse: fix mount.fuse -o setuid=...
when mounting a fuse fs by fstab on can write:
/nix/store/sdlflj/bin/somefuseexe#argument /mountpoint fuse setuid=someuser

mount is run by root, and setuid is a way to tell mount.fuse to run
somefuseexe as someuser instead. Under the hood, mount.fuse uses su.
The problem is that mount is run by systemd in a seemingly very empty
environment not containing /run/current-system/sw/bin nor
/run/wrappers/bin in $PATH, so mount fails with "su command not found".

We now patch the command to run su with an absolute path.

man mount.fuse3 indicates that this option is reserved to root (or with
enough capabilities) so not using
/run/wrappers/bin/su is thus correct. It has the very small advantage of
possibly working on non nixos.
2021-04-17 21:51:40 +02:00
Michael Weiss 4e90ff6e61
fuse3: 3.10.2 -> 3.10.3 2021-04-12 13:45:51 +02:00
Michael Weiss df9dac5e77
fuse3: 3.10.1 -> 3.10.2 (#112016) 2021-02-06 11:52:09 +01:00
Ben Siraphob 16d91ee628 pkgs/os-specific: stdenv.lib -> lib 2021-01-17 23:26:08 +07:00
Profpatsch 4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Michael Weiss 101c5a96ad
fuse3: 3.10.0 -> 3.10.1 (#106162) 2020-12-07 16:37:19 +01:00
Graham Christensen bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Michael Weiss 33473c422c
fuse3: 3.9.4 -> 3.10.0 (#100075) 2020-10-10 12:51:49 +02:00
Michael Weiss a3c71c3e5d
fuse3: 3.9.2 -> 3.9.4 (#95072)
Note: Version 3.9.3 and 3.9.4 are equivalent:
"This was an "accidental" release, it is equivalent to 3.9.3."
2020-08-10 16:04:55 +02:00
Michael Weiss 82a0240bb0
fuse3: 3.9.1 -> 3.9.2 (#90232) 2020-06-13 12:23:42 +02:00
Michael Weiss 68e9ddacc2
fuse3: 3.9.0 -> 3.9.1 (#82999) 2020-03-21 21:41:37 +01:00
Michael Weiss e6b29634d2
fuse3: 3.8.0 -> 3.9.0 (#75655)
Changelog: https://github.com/libfuse/libfuse/blob/fuse-3.9.0/ChangeLog.rst
2019-12-14 20:16:36 +01:00
Michael Weiss 828061351c
fuse3: 3.7.0 -> 3.8.0 2019-11-03 14:21:43 +01:00
Michael Weiss 262b17a375
fuse3: 3.6.2 -> 3.7.0 2019-09-28 21:08:47 +02:00
volth c814d72b51 treewide: name -> pname 2019-08-17 10:54:38 +00:00
Michael Weiss 50464716e3
fuse3: 3.6.1 -> 3.6.2 2019-07-10 13:29:00 +02:00
Michael Weiss f2cfc158b2
fuse,fuse3: Avoid unnecessary build warnings
Do not set FUSERMOUNT_DIR since we already set it though
NIX_CFLAGS_COMPILE.

Setting it twice results in a lot of warnings like this one:

<command-line>:0:0: warning: "FUSERMOUNT_DIR" redefined

which makes the build look potentially broken.
This doesn't affect the result but fuse3 will now build without any
warnings and building fuse yields less warnings.
2019-06-14 22:09:15 +02:00
Michael Weiss b8c827c266
fuse3: 3.5.0 -> 3.6.1 2019-06-14 13:38:22 +02:00
Michael Weiss b3bcdf8cf5
fuse3: 3.4.2 -> 3.5.0 2019-04-16 23:40:41 +02:00
Matthew Bauer 5541559635 fuse3: use /etc/fuse.conf for configuration (#59043)
We don’t want the config file to be read only and in the Nix store.
2019-04-07 23:00:51 +02:00
Michael Weiss c1c13e4115
fuse3: 3.4.1 -> 3.4.2 2019-03-10 00:03:25 +01:00
Michael Weiss e7e18206dd
fuse: 2.9.8 -> 2.9.9 2019-01-05 02:26:02 +01:00
Michael Weiss 1259a24c05 fuse3: 3.3.0 -> 3.4.1 2018-12-22 17:56:42 +01:00
Michael Weiss fee991333d fuse3: 3.2.6 -> 3.3.0 2018-11-07 14:45:27 +01:00
Michael Weiss bf0f63090b fuse3: 3.2.5 -> 3.2.6 2018-08-31 21:42:03 +02:00
Vladimír Čunát 765d695b89
Merge branch 'staging-next'
Security fixes for a few packages are included.
2018-08-21 15:36:02 +02:00
Markus Kowalewski da7a32ef17
fuse: add license 2018-08-20 00:47:52 +02:00
Jan Malakhovski 662756bb6d fuse: make tests run, but disable 2018-08-11 09:35:31 +00:00
Michael Weiss ec1082c58f fuse: 2.9.7 -> 2.9.8 (security, CVE-2018-10906)
Upstream changelog:
- SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the allow_other option even when
  this was forbidden in /etc/fuse.conf. The vulnerability is present
  only on systems where SELinux is active (including in permissive
  mode).
- libfuse no longer segfaults when fuse_interrupted() is called outside
  the event loop.
- The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
- Fixed rename deadlock on FreeBSD.
2018-07-25 23:53:40 +02:00
Michael Weiss 46cd782b43 fuse3: 3.2.4 -> 3.2.5 (security, CVE-2018-10906)
Upstream changelog:
- SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the allow_other option even when
  this was forbidden in /etc/fuse.conf. The vulnerability is present
  only on systems where SELinux is active (including in permissive
  mode).
- The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
- Added a test of seekdir to test_syscalls.
- Fixed readdir bug when non-zero offsets are given to filler and the
  filesystem client, after reading a whole directory, re-reads it from a
  non-zero offset e. g. by calling seekdir followed by readdir.
2018-07-25 23:53:40 +02:00
volth 52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Michael Weiss fa6941f108 fuse3: 3.2.3 -> 3.2.4 2018-07-13 16:43:21 +02:00
Michael Weiss d3e3e131f5 fuse3: 3.2.2 -> 3.2.3 2018-05-11 22:12:53 +02:00
Michael Raskin 085eab7ef6 fuse3: install fuse.conf without execute bit 2018-04-01 23:02:25 +02:00
Michael Weiss c00b5bf6a2 fuse3: 3.2.1 -> 3.2.2
Stop using bin/mount.fuse from fuse3 for fuse2 (mount.fuse from fuse3
isn't guaranteed to remain backwards compatible).
2018-04-01 01:55:14 +02:00
Shea Levy ed5bd8ad49
fuse: Fix cross-compilation 2018-02-28 15:01:32 -05:00
Yegor Timoshenko 506c89c30a maintainers: remove mornfall from packages 2018-01-17 05:17:33 +00:00
Michael Weiss f46003798e fuse3: 3.2.0 -> 3.2.1 2017-11-15 13:42:44 +01:00
Michael Weiss 1a9467edd5 fuse3: 3.1.1 -> 3.2.0 2017-09-23 21:31:15 +02:00
Michael Weiss 351f5fc585 fuse3: init at 3.1.1
This includes fuse-common (fusePackages.fuse_3.common) as recommended by
upstream. But while fuse(2) and fuse3 would normally depend on
fuse-common we can't do that in nixpkgs while fuse-common is just
another output from the fuse3 multiple-output derivation (i.e. this
would result in a circular dependency). To avoid building fuse3 twice I
decided it would be best to copy the shared files (i.e. the ones
provided by fuse(2) and fuse3) from fuse-common to fuse (version 2) and
avoid collision warnings by defining priorities. Now it should be
possible to install an arbitrary combination of "fuse", "fuse3", and
"fuse-common" without getting any collision warnings. The end result
should be the same and all changes should be backwards compatible
(assuming that mount.fuse from fuse3 is backwards compatible as stated
by upstream [0] - if not this might break some /etc/fstab definitions
but that should be very unlikely).

My tests with sshfs (version 2 and 3) didn't show any problems.

See #28409 for some additional information.

[0]: https://github.com/libfuse/libfuse/releases/tag/fuse-3.0.0
2017-09-21 23:59:46 +02:00
Parnell Springmeyer 6777e6f812
Merging with upstream 2017-01-29 05:54:01 -06:00
Parnell Springmeyer 4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Parnell Springmeyer bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
Tuomas Tynkkynen 8999ab9e56 fuse: Add Aarch64 patch from upstream git to fix build
See e.g. https://bugs.launchpad.net/linaro-oe/+bug/1087757
2017-01-25 00:01:54 +02:00
Tuomas Tynkkynen 45338a3077 fuse: Minor cleanup 2016-12-28 17:37:10 +02:00
rushmorem 7be7620e51 fuse: 2.9.5 -> 2.9.7 2016-09-16 22:28:14 +02:00
Parnell Springmeyer 98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00