diff options
| author |   Itai Ferber <itai@itaiferber.net> | 2024-05-10 14:23:11 -0400 |
|---|---|---|
| committer | Itai Ferber <itai@itaiferber.net> | 2024-05-10 14:23:11 -0400 |
| commit | f5a3836facfa2dc8192eb0a306cd8a92274c121e (patch) | |
| tree | ca0e863f1b856be39a545dc8da78baf67da9b2ca /net-vpn | |
| parent | net-vpn/mullvadvpn-app: add 2024.2, drop 2024.1 (diff) | |
| download | guru-f5a3836facfa2dc8192eb0a306cd8a92274c121e.tar.gz guru-f5a3836facfa2dc8192eb0a306cd8a92274c121e.tar.bz2 guru-f5a3836facfa2dc8192eb0a306cd8a92274c121e.zip | |
net-vpn/mullvadvpn-app: Enable setuid bit for mullvad-exclude
Signed-off-by: Itai Ferber <itai@itaiferber.net>
Diffstat (limited to 'net-vpn')
| -rw-r--r-- | net-vpn/mullvadvpn-app/mullvadvpn-app-2024.2.ebuild | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net-vpn/mullvadvpn-app/mullvadvpn-app-2024.2.ebuild b/net-vpn/mullvadvpn-app/mullvadvpn-app-2024.2.ebuild index 1efc69995..4332496f1 100644 --- a/net-vpn/mullvadvpn-app/mullvadvpn-app-2024.2.ebuild +++ b/net-vpn/mullvadvpn-app/mullvadvpn-app-2024.2.ebuild @@ -49,6 +49,12 @@ src_install() { dobin "${S}"/usr/bin/mullvad-exclude dosym "../../opt/Mullvad VPN/resources/mullvad-problem-report" /usr/bin/mullvad-problem-report + # mullvad-exclude uses cgroups to manage exclusions, which requires root permissions, but is + # also most often used to exclude graphical applications which can't or shouldn't run as root + # (i.e., can't be run under `sudo/doas /usr/bin/mullvad-exclude ...`, because `sudo`/`doas` + # change user). The setuid bit allows any user to exclude executables under their own UID. + fperms 4755 /usr/bin/mullvad-exclude + newinitd "${FILESDIR}"/mullvad-daemon.initd mullvad-daemon systemd_newunit "${S}"/usr/lib/systemd/system/mullvad-daemon.service mullvad-daemon.service |