2 files changed, 4 insertions, 1 deletions

diff --git a/hosts/vidhar/borg/copy.py b/hosts/vidhar/borg/copy.py
index 0b863094..cd63146d 100755
--- a/hosts/vidhar/borg/copy.py
+++ b/hosts/vidhar/borg/copy.py
@@ -21,6 +21,8 @@ from xdg import xdg_runtime_dir
 import pathlib
 
 import unshare
+import pyprctl
+
 import signal
 from time import sleep
 
@@ -86,6 +88,7 @@ def copy_archive(src_repo_path, dst_repo_path, entry):
             # print('unshare/chroot', file=stderr)
             unshare.unshare(unshare.CLONE_NEWUSER)
             unshare.unshare(unshare.CLONE_NEWNS)
+            pyprctl.cap_ambient_raise(pyprctl.SYS_ADMIN)
             subprocess.run(['mount', '--make-rprivate', '/'], check=True)
             chroot = pathlib.Path(tmpdir) / 'chroot'
             upper = pathlib.Path(tmpdir) / 'upper'
diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix
index 88fcc1ed..cae241d2 100644
--- a/hosts/vidhar/borg/default.nix
+++ b/hosts/vidhar/borg/default.nix
@@ -50,7 +50,7 @@ let
 
     buildInputs = with pkgs; [makeWrapper];
 
-    python = pkgs.python39.withPackages (ps: with ps; [humanize tqdm dateutil xdg python-unshare halo]);
+    python = pkgs.python39.withPackages (ps: with ps; [humanize tqdm dateutil xdg python-unshare pyprctl halo]);
 
     buildPhase = ''
       substitute $src copy \