nixos/fuse: add enable option (eca55074) · Commits · nix / nixpkgs

nixos/modules/programs/fuse.nix

+31 −2

Original line number	Diff line number	Diff line
		{ config, lib, ... }:
		{
		config,
		lib,
		pkgs,
		...
		}:

		let
		cfg = config.programs.fuse;
		@@ -7,6 +12,10 @@ in
		meta.maintainers = with lib.maintainers; [ ];

		options.programs.fuse = {
		enable = lib.mkEnableOption "fuse" // {
		default = true;
		};

		mountMax = lib.mkOption {
		# In the C code it's an "int" (i.e. signed and at least 16 bit), but
		# negative numbers obviously make no sense:
		@@ -27,10 +36,30 @@ in
		};
		};

		config = {
		config = lib.mkIf cfg.enable {
		environment.systemPackages = [
		pkgs.fuse
		pkgs.fuse3
		];

		security.wrappers =
		let
		mkSetuidRoot = source: {
		setuid = true;
		owner = "root";
		group = "root";
		inherit source;
		};
		in
		{
		fusermount = mkSetuidRoot "${lib.getBin pkgs.fuse}/bin/fusermount";
		fusermount3 = mkSetuidRoot "${lib.getBin pkgs.fuse3}/bin/fusermount3";
		};

		environment.etc."fuse.conf".text = ''
		${lib.optionalString (!cfg.userAllowOther) "#"}user_allow_other
		mount_max = ${builtins.toString cfg.mountMax}
		'';

		};
		}

+0 −2

Original line number	Diff line number	Diff line
		@@ -266,8 +266,6 @@ in
		in
		{
		# These are mount related wrappers that require the +s permission.
		fusermount = mkSetuidRoot "${lib.getBin pkgs.fuse}/bin/fusermount";
		fusermount3 = mkSetuidRoot "${lib.getBin pkgs.fuse3}/bin/fusermount3";
		mount = mkSetuidRoot "${lib.getBin pkgs.util-linux}/bin/mount";
		umount = mkSetuidRoot "${lib.getBin pkgs.util-linux}/bin/umount";
		};

+1 −7

Original line number	Diff line number	Diff line
		@@ -461,13 +461,7 @@ in
		# Add the mount helpers to the system path so that `mount' can find them.
		system.fsPackages = [ pkgs.dosfstools ];

		environment.systemPackages =
		with pkgs;
		[
		fuse3
		fuse
		]
		++ config.system.fsPackages;
		environment.systemPackages = config.system.fsPackages;

		environment.etc.fstab.text =
		let