summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2016-07-23 11:47:46 +0200
committertv <tv@krebsco.de>2016-07-23 11:47:46 +0200
commitad816aaa281094fc4fde1755de618440a5a1df28 (patch)
treee012344eaa48da8816efd6861057762be3006002
parenta774642d29dcc3a668abf9bbe13e88ee786b5d1d (diff)
tv pkgs.ff: drop sudo
-rw-r--r--tv/5pkgs/default.nix4
-rw-r--r--tv/5pkgs/ff/default.nix12
2 files changed, 3 insertions, 13 deletions
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index 040a6ff3d..0b28747d5 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -15,7 +15,9 @@
ejabberd = pkgs.callPackage ./ejabberd {
erlang = pkgs.erlangR16;
};
- ff = pkgs.callPackage ./ff {};
+ ff = pkgs.writeDashBin "ff" ''
+ exec ${pkgs.firefoxWrapper}/bin/firefox "$@"
+ '';
gnupg =
if elem config.krebs.build.host.name ["xu" "wu"]
then super.gnupg21
diff --git a/tv/5pkgs/ff/default.nix b/tv/5pkgs/ff/default.nix
deleted file mode 100644
index b1d2c579a..000000000
--- a/tv/5pkgs/ff/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ pkgs, ... }:
-
-# TODO use krebs.setuid
-# This requires that we can create setuid executables that can only be accessed
-# by a single user. [per-user-setuid]
-
-# using bash for %q
-pkgs.writeBashBin "ff" ''
- exec /var/setuid-wrappers/sudo -u ff -i <<EOF
- exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
- EOF
-''