2022-12-28 09:30:29 +00:00
|
|
|
{ fuse, gocryptfs, util-linux, lib }:
|
2022-10-18 12:29:36 +00:00
|
|
|
|
2022-12-25 07:33:24 +00:00
|
|
|
(gocryptfs.overrideAttrs (upstream: {
|
2022-10-18 12:29:36 +00:00
|
|
|
# XXX `su colin` hangs when pam_mount tries to mount a gocryptfs system
|
|
|
|
# unless `logger` (util-linux) is accessible from gocryptfs.
|
|
|
|
# this is surprising: the code LOOKS like it's meant to handle logging failures.
|
|
|
|
# propagating util-linux through either `environment.systemPackages` or `security.pam.mount.additionalSearchPaths` DOES NOT WORK.
|
|
|
|
#
|
|
|
|
# TODO: see about upstreaming this
|
2022-12-28 09:30:29 +00:00
|
|
|
#
|
|
|
|
# additionally, we need /run/wrappers/bin EXPLICITLY in PATH, for when we run not as root.
|
|
|
|
# but we want to keep `fuse` for when we ARE running as root -- particularly during an activation script BEFORE the wrappers exist.
|
2022-10-18 12:29:36 +00:00
|
|
|
postInstall = ''
|
|
|
|
wrapProgram $out/bin/gocryptfs \
|
2022-12-28 09:30:29 +00:00
|
|
|
--suffix PATH : ${lib.makeBinPath [ util-linux ]} \
|
|
|
|
--suffix PATH : /run/wrappers/bin \
|
|
|
|
--suffix PATH : ${lib.makeBinPath [ fuse ]}
|
2022-10-18 12:29:36 +00:00
|
|
|
ln -s $out/bin/gocryptfs $out/bin/mount.fuse.gocryptfs
|
|
|
|
'';
|
|
|
|
}))
|