diff options
author | tv <tv@krebsco.de> | 2016-07-23 11:47:46 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2016-07-23 11:47:46 +0200 |
commit | ad816aaa281094fc4fde1755de618440a5a1df28 (patch) | |
tree | e012344eaa48da8816efd6861057762be3006002 | |
parent | a774642d29dcc3a668abf9bbe13e88ee786b5d1d (diff) |
tv pkgs.ff: drop sudo
-rw-r--r-- | tv/5pkgs/default.nix | 4 | ||||
-rw-r--r-- | tv/5pkgs/ff/default.nix | 12 |
2 files changed, 3 insertions, 13 deletions
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index 040a6ff3d..0b28747d5 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -15,7 +15,9 @@ ejabberd = pkgs.callPackage ./ejabberd { erlang = pkgs.erlangR16; }; - ff = pkgs.callPackage ./ff {}; + ff = pkgs.writeDashBin "ff" '' + exec ${pkgs.firefoxWrapper}/bin/firefox "$@" + ''; gnupg = if elem config.krebs.build.host.name ["xu" "wu"] then super.gnupg21 diff --git a/tv/5pkgs/ff/default.nix b/tv/5pkgs/ff/default.nix deleted file mode 100644 index b1d2c579a..000000000 --- a/tv/5pkgs/ff/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, ... }: - -# TODO use krebs.setuid -# This requires that we can create setuid executables that can only be accessed -# by a single user. [per-user-setuid] - -# using bash for %q -pkgs.writeBashBin "ff" '' - exec /var/setuid-wrappers/sudo -u ff -i <<EOF - exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@") - EOF -'' |