You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sublime Text hardcodes /usr/bin/pkexec, which does not exist on NixOS, so we have to replace it with /run/wrappers/bin/pkexec using a LD_PRELOAD hack. But since it is an environment variable, it gets passed to child programs, not all tolerating such interference.
(On NixOS, there is not really /usr directory. We symlink directory trees of globally installed packages into /run/current-system/sw, and /run/current-system/sw/bin directory is added to PATH environment variable, but packages cannot contain setuid binaries for security reasons – unprivileged users can build and install packages. Those are placed in /run/wrappers/bin, which is also added to PATH.)
Preferred solution
It would be nice if pkexec could be picked up from PATH.
Alternatives
For software that has source code available, we just patch it but that is not an option here.
The path in the source code could be padded from right with \0 so that we could patch the executable with a longer path. For us, nine extra characters should be enough but perhaps add few more to be safe.
Define the path in Default.sublime-package. Since it would be defined in Python code, we can patch it easily.
The text was updated successfully, but these errors were encountered:
Looks like run_admin_process now calls file_exists so replacing /usr/bin/pkexec for pkexec\x00\x00\x00\x00\x00\x00\x00\x00\x00 as we were doing and relying on PATH no longer works.
Problem description
Sublime Text hardcodes
/usr/bin/pkexec
, which does not exist on NixOS, so we have to replace it with/run/wrappers/bin/pkexec
using aLD_PRELOAD
hack. But since it is an environment variable, it gets passed to child programs, not all tolerating such interference.(On NixOS, there is not really
/usr
directory. We symlink directory trees of globally installed packages into/run/current-system/sw
, and/run/current-system/sw/bin
directory is added toPATH
environment variable, but packages cannot contain setuid binaries for security reasons – unprivileged users can build and install packages. Those are placed in/run/wrappers/bin
, which is also added toPATH
.)Preferred solution
It would be nice if
pkexec
could be picked up fromPATH
.Alternatives
\0
so that we could patch the executable with a longer path. For us, nine extra characters should be enough but perhaps add few more to be safe.Default.sublime-package
. Since it would be defined in Python code, we can patch it easily.The text was updated successfully, but these errors were encountered: