wyj/guru
1
0
Fork 0
mirror of https://github.com/gentoo-mirror/guru.git synced 2025-04-20 00:08:58 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

net-vpn/mullvadvpn-app: Enable setuid bit for mullvad-exclude

Browse Source 
Signed-off-by: Itai Ferber <itai@itaiferber.net>
This commit is contained in:
Itai Ferber 2024-05-10 14:23:11 -04:00
parent e19635a0c3
commit f5a3836fac
No known key found for this signature in database
GPG Key ID: 39E67F4ECE95ED64
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
net-vpn/mullvadvpn-app/mullvadvpn-app-2024.2.ebuild
View File

@ -49,6 +49,12 @@ src_install() {
dobin "${S}"/usr/bin/mullvad-exclude
dosym "../../opt/Mullvad VPN/resources/mullvad-problem-report" /usr/bin/mullvad-problem-report
# mullvad-exclude uses cgroups to manage exclusions, which requires root permissions, but is
# also most often used to exclude graphical applications which can't or shouldn't run as root
# (i.e., can't be run under `sudo/doas /usr/bin/mullvad-exclude ...`, because `sudo`/`doas`
# change user). The setuid bit allows any user to exclude executables under their own UID.
fperms 4755 /usr/bin/mullvad-exclude
newinitd "${FILESDIR}"/mullvad-daemon.initd mullvad-daemon
systemd_newunit "${S}"/usr/lib/systemd/system/mullvad-daemon.service mullvad-daemon.service