From 93db18285e73a4b9eab9a97097a9aa7e29d4afe8 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 17 Feb 2022 13:23:03 +0100 Subject: vidhar: ... --- hosts/vidhar/borg/copy.py | 3 +++ hosts/vidhar/borg/default.nix | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/hosts/vidhar/borg/copy.py b/hosts/vidhar/borg/copy.py index 0b863094..cd63146d 100755 --- a/hosts/vidhar/borg/copy.py +++ b/hosts/vidhar/borg/copy.py @@ -21,6 +21,8 @@ from xdg import xdg_runtime_dir import pathlib import unshare +import pyprctl + import signal from time import sleep @@ -86,6 +88,7 @@ def copy_archive(src_repo_path, dst_repo_path, entry): # print('unshare/chroot', file=stderr) unshare.unshare(unshare.CLONE_NEWUSER) unshare.unshare(unshare.CLONE_NEWNS) + pyprctl.cap_ambient_raise(pyprctl.SYS_ADMIN) subprocess.run(['mount', '--make-rprivate', '/'], check=True) chroot = pathlib.Path(tmpdir) / 'chroot' upper = pathlib.Path(tmpdir) / 'upper' diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix index 88fcc1ed..cae241d2 100644 --- a/hosts/vidhar/borg/default.nix +++ b/hosts/vidhar/borg/default.nix @@ -50,7 +50,7 @@ let buildInputs = with pkgs; [makeWrapper]; - python = pkgs.python39.withPackages (ps: with ps; [humanize tqdm dateutil xdg python-unshare halo]); + python = pkgs.python39.withPackages (ps: with ps; [humanize tqdm dateutil xdg python-unshare pyprctl halo]); buildPhase = '' substitute $src copy \ -- cgit v1.2.3