diff options
-rw-r--r-- | pkgs/default.nix | 1 | ||||
-rw-r--r-- | pkgs/rrsync_sudo/default.nix | 8 | ||||
-rw-r--r-- | pkgs/rrsync_sudo/sudo.patch | 20 |
3 files changed, 29 insertions, 0 deletions
diff --git a/pkgs/default.nix b/pkgs/default.nix index 2ad79a2f..b6f9eae1 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix | |||
@@ -24,6 +24,7 @@ rec { | |||
24 | pg_activity = callPackage ../pkgs/pg_activity { inherit mylibs; }; | 24 | pg_activity = callPackage ../pkgs/pg_activity { inherit mylibs; }; |
25 | pgloader = callPackage ../pkgs/pgloader {}; | 25 | pgloader = callPackage ../pkgs/pgloader {}; |
26 | predixy = callPackage ../pkgs/predixy { inherit mylibs; }; | 26 | predixy = callPackage ../pkgs/predixy { inherit mylibs; }; |
27 | rrsync_sudo = callPackage ../pkgs/rrsync_sudo {}; | ||
27 | telegram-cli = callPackage ../pkgs/telegram-cli { inherit mylibs; }; | 28 | telegram-cli = callPackage ../pkgs/telegram-cli { inherit mylibs; }; |
28 | telegram-history-dump = callPackage ../pkgs/telegram-history-dump { inherit mylibs; }; | 29 | telegram-history-dump = callPackage ../pkgs/telegram-history-dump { inherit mylibs; }; |
29 | telegramircd = callPackage ../pkgs/telegramircd { inherit mylibs; telethon = callPackage ../pkgs/telethon_sync {}; }; | 30 | telegramircd = callPackage ../pkgs/telegramircd { inherit mylibs; telethon = callPackage ../pkgs/telethon_sync {}; }; |
diff --git a/pkgs/rrsync_sudo/default.nix b/pkgs/rrsync_sudo/default.nix new file mode 100644 index 00000000..7a47320b --- /dev/null +++ b/pkgs/rrsync_sudo/default.nix | |||
@@ -0,0 +1,8 @@ | |||
1 | { rrsync }: | ||
2 | |||
3 | rrsync.overrideAttrs(old: { | ||
4 | patches = old.patches or [] ++ [ ./sudo.patch ]; | ||
5 | postPatch = old.postPatch + '' | ||
6 | substituteInPlace support/rrsync --replace /usr/bin/sudo /run/wrappers/bin/sudo | ||
7 | ''; | ||
8 | }) | ||
diff --git a/pkgs/rrsync_sudo/sudo.patch b/pkgs/rrsync_sudo/sudo.patch new file mode 100644 index 00000000..6de9cc94 --- /dev/null +++ b/pkgs/rrsync_sudo/sudo.patch | |||
@@ -0,0 +1,20 @@ | |||
1 | --- a/support/rrsync 2015-09-14 01:23:54.000000000 +0200 | ||
2 | +++ b/support/rrsync 2020-02-08 13:55:14.302163313 +0100 | ||
3 | @@ -48,7 +48,7 @@ | ||
4 | |||
5 | my $command = $ENV{SSH_ORIGINAL_COMMAND}; | ||
6 | die "$0: Not invoked via sshd\n$Usage" unless defined $command; | ||
7 | -die "$0: SSH_ORIGINAL_COMMAND='$command' is not rsync\n" unless $command =~ s/^rsync\s+//; | ||
8 | +die "$0: SSH_ORIGINAL_COMMAND='$command' is not rsync\n" unless $command =~ s/^sudo rsync\s+//; | ||
9 | die "$0: --server option is not first\n" unless $command =~ /^--server\s/; | ||
10 | our $am_sender = $command =~ /^--server\s+--sender\s/; # Restrictive on purpose! | ||
11 | die "$0 sending to read-only server not allowed\n" if $only eq 'r' && !$am_sender; | ||
12 | @@ -227,7 +227,7 @@ | ||
13 | } | ||
14 | |||
15 | # Note: This assumes that the rsync protocol will not be maliciously hijacked. | ||
16 | -exec(RSYNC, @opts, @args) or die "exec(rsync @opts @args) failed: $? $!"; | ||
17 | +exec("/usr/bin/sudo", RSYNC, @opts, @args) or die "exec(sudo rsync @opts @args) failed: $? $!"; | ||
18 | |||
19 | sub check_arg | ||
20 | { | ||