vidhar: ...

3 files changed, 9 insertions, 28 deletions

diff --git a/hosts/vidhar/borg/copy.py b/hosts/vidhar/borg/copy.py
index 3ec520b5..e15b56c3 100755
--- a/hosts/vidhar/borg/copy.py
+++ b/hosts/vidhar/borg/copy.py
@@ -86,9 +86,14 @@ def copy_archive(src_repo_path, dst_repo_path, entry):
         child = os.fork()
         if child == 0:
             # print('unshare/chroot', file=stderr)
+            uid_map_content = f'0 {os.getuid()} 1'
+            gid_map_content = f'0 {os.getgid()} 1'
             unshare.unshare(unshare.CLONE_NEWUSER)
+            with open('/proc/self/uid_map', 'w') as uid_map:
+                uid_map.write(uid_map_content)
+            with open('/proc/self/gid_map', 'w') as gid_map:
+                gid_map.write(gid_map_content)
             unshare.unshare(unshare.CLONE_NEWNS)
-            pyprctl.cap_ambient_raise(pyprctl.Cap.SYS_ADMIN)
             subprocess.run(['mount', '--make-rprivate', '/'], check=True)
             chroot = pathlib.Path(tmpdir) / 'chroot'
             upper = pathlib.Path(tmpdir) / 'upper'
diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix
index 3515a18b..88fcc1ed 100644
--- a/hosts/vidhar/borg/default.nix
+++ b/hosts/vidhar/borg/default.nix
@@ -42,10 +42,7 @@ let
     };
   };
 
-  copyBorg = pkgs.stdenv.mkDerivation (let
-    packageOverrides = pkgs.callPackage ./pyprctl-packages.nix {};
-    inpPython = pkgs.python39.override { inherit packageOverrides; };
-  in rec {
+  copyBorg = pkgs.stdenv.mkDerivation rec {
     name = "copy";
     src = ./copy.py;
 
@@ -53,7 +50,7 @@ let
 
     buildInputs = with pkgs; [makeWrapper];
 
-    python = inpPython.withPackages (ps: with ps; [humanize tqdm dateutil xdg python-unshare pyprctl halo]);
+    python = pkgs.python39.withPackages (ps: with ps; [humanize tqdm dateutil xdg python-unshare halo]);
 
     buildPhase = ''
       substitute $src copy \
@@ -72,7 +69,7 @@ let
       wrapProgram $out/bin/copy \
         --prefix PATH : ${config.security.wrapperDir}:${makeBinPath (with pkgs; [borgbackup])}
     '';
-  });
+  };
 in {
   config = {
     services.borgbackup.repos.jotnar = {
diff --git a/hosts/vidhar/borg/pyprctl-packages.nix b/hosts/vidhar/borg/pyprctl-packages.nix
deleted file mode 100644
index d3b4256a..00000000
--- a/hosts/vidhar/borg/pyprctl-packages.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-# Generated by pip2nix 0.8.0.dev1
-# See https://github.com/nix-community/pip2nix
-
-{ pkgs, fetchurl, fetchgit, fetchhg }:
-
-self: super: {
-  "pyprctl" = super.buildPythonPackage rec {
-    pname = "pyprctl";
-    version = "0.1.3";
-    src = fetchurl {
-      url = "https://files.pythonhosted.org/packages/bf/5e/62765de39bbce8111fb1f4453a4a804913bf49179fa265fb713ed66c9d15/pyprctl-0.1.3-py3-none-any.whl";
-      sha256 = "1pgif990r92za5rx12mjnq5iiz72d455v0wrawzb73q79w8ya0k3";
-    };
-    format = "wheel";
-    doCheck = false;
-    buildInputs = [];
-    checkInputs = [];
-    nativeBuildInputs = [];
-    propagatedBuildInputs = [];
-  };
-}