From 2e2358d850d2edc88621f25dae84c59f26992355 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Thu, 27 Jun 2024 18:20:16 +0200
Subject: [PATCH] introduce minifakeroot that also works on macos
---
nixosModules/clanCore/zerotier/default.nix | 32 +++++++++++++++++-----
nixosModules/clanCore/zerotier/fake_root.c | 28 +++++++++++++++++++
nixosModules/clanCore/zerotier/generate.py | 3 +-
pkgs/clan-cli/clan_cli/facts/generate.py | 1 +
pkgs/clan-cli/default.nix | 2 --
5 files changed, 55 insertions(+), 11 deletions(-)
create mode 100644 nixosModules/clanCore/zerotier/fake_root.c
diff --git a/nixosModules/clanCore/zerotier/default.nix b/nixosModules/clanCore/zerotier/default.nix
index c4e9c7a0..8a07f36d 100644
--- a/nixosModules/clanCore/zerotier/default.nix
+++ b/nixosModules/clanCore/zerotier/default.nix
@@ -182,15 +182,33 @@ in secret.zerotier-identity-secret = { }; generator.path = [ config.services.zerotierone.package - pkgs.fakeroot pkgs.python3 ]; - generator.script = '' - python3 ${./generate.py} --mode network \ - --ip "$facts/zerotier-ip" \ - --identity-secret "$secrets/zerotier-identity-secret" \ - --network-id "$facts/zerotier-network-id" - ''; + generator.script = + let + library = "libfakeroot${pkgs.stdenv.hostPlatform.extensions.sharedLibrary}"; + minifakeroot = pkgs.stdenv.mkDerivation { + name = "minifakeroot"; + dontUnpack = true; + installPhase = '' + mkdir -p $out/lib + ${ + if pkgs.stdenv.isDarwin then + "$CC -dynamiclib -o $out/lib/libfakeroot.dylib ${./fake_root.c}" + else + "$CC -shared -o $out/lib/libfakeroot.so ${./fake_root.c}" + } + ''; + }; + varName = if pkgs.stdenv.isDarwin then "DYLD_INSERT_LIBRARIES" else "LD_PRELOAD"; + in + '' + export ${varName}=${minifakeroot}/lib/${library} + python3 ${./generate.py} --mode network \ + --ip "$facts/zerotier-ip" \ + --identity-secret "$secrets/zerotier-identity-secret" \ + --network-id "$facts/zerotier-network-id" + ''; }; clan.core.state.zerotier.folders = [ "/var/lib/zerotier-one" ]; diff --git a/nixosModules/clanCore/zerotier/fake_root.c b/nixosModules/clanCore/zerotier/fake_root.c new file mode 100644 index 00000000..d62bb9b0 --- /dev/null +++ b/nixosModules/clanCore/zerotier/fake_root.c 
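Review bot: The `export ${varName}=${minifakeroot}/lib/${library}` line puts the uid-faking library into the environment of python3 and of anything it launches, whereas the removed `fakeroot --` prefix in generate.py wrapped only `zerotier-one`. Every process that inherits the variable now gets 0 from getuid()/geteuid(), so any root-only branch or ownership check in those tools is taken on false information. Consider handing the library path to generate.py and setting the variable only in the `env=` of the `subprocess.Popen` call that starts `zerotier-one`. Separately, `library` is derived from `extensions.sharedLibrary` while the install phase hard-codes `libfakeroot.dylib` and `libfakeroot.so`; writing `$out/lib/${library}` in both compiler commands keeps the two names from drifting apart.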
@@ -0,0 +1,28 @@ +#include +typedef uint32_t uid_t; + +#ifdef __APPLE__ + struct dyld_interpose { + const void * replacement; + const void * replacee; + }; + #define WRAPPER(ret, name) static ret _fakeroot_wrapper_##name + #define WRAPPER_DEF(name) \ + __attribute__((used)) static struct dyld_interpose _fakeroot_interpose_##name \ + __attribute__((section("__DATA,__interpose"))) = { &_fakeroot_wrapper_##name, &name }; +#else + #define WRAPPER(ret, name) ret name + #define WRAPPER_DEF(name) +#endif + +WRAPPER(uid_t, geteuid)(const char * path, int flags, ...) +{ + return 0; // Fake root +} +WRAPPER_DEF(geteuid) + +WRAPPER(uid_t, getuid)(const char * path, int flags, ...) +{ + return 0; // Fake root +} +WRAPPER_DEF(getuid) diff --git a/nixosModules/clanCore/zerotier/generate.py b/nixosModules/clanCore/zerotier/generate.py index d6b587ff..7bcfecdc 100644 --- a/nixosModules/clanCore/zerotier/generate.py +++ b/nixosModules/clanCore/zerotier/generate.py @@ -111,12 +111,11 @@ def zerotier_controller() -> Iterator[ZerotierController]: home = tempdir / "zerotier-one" home.mkdir() cmd = [ - "fakeroot", - "--", "zerotier-one", f"-p{controller_port}", str(home), ] + with subprocess.Popen( cmd, preexec_fn=os.setsid, diff --git a/pkgs/clan-cli/clan_cli/facts/generate.py b/pkgs/clan-cli/clan_cli/facts/generate.py index 2a9e348d..ea5fb947 100644 --- a/pkgs/clan-cli/clan_cli/facts/generate.py +++ b/pkgs/clan-cli/clan_cli/facts/generate.py @@ -3,6 +3,7 @@ import importlib import logging import os import subprocess +import sys from collections.abc import Callable from pathlib import Path from tempfile import TemporaryDirectory diff --git a/pkgs/clan-cli/default.nix b/pkgs/clan-cli/default.nix index dabc746c..a78bfe57 100644 --- a/pkgs/clan-cli/default.nix +++ b/pkgs/clan-cli/default.nix @@ -15,7 +15,6 @@ setuptools, sops, stdenv, - fakeroot, rsync, bash, sshpass, @@ -38,7 +37,6 @@ let runtimeDependencies = [ bash nix - fakeroot openssh sshpass zbar
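Review bot: Both wrappers are defined with the parameter list `(const char * path, int flags, ...)`, which does not match the libc prototypes `uid_t geteuid(void)` and `uid_t getuid(void)`; it looks carried over from a path-taking wrapper. The arguments are never read, so this probably works in practice, but the definitions should read `WRAPPER(uid_t, geteuid)(void)` and `WRAPPER(uid_t, getuid)(void)`. The file also has no header comment stating its limits; something like `/* Preload shim: getuid()/geteuid() report 0; group ids and file ownership are not faked. */` would tell the next reader that this is not a drop-in for fakeroot.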
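Review bot: With `"fakeroot", "--"` removed, the `cmd` list in `zerotier_controller()` depends on the caller having exported LD_PRELOAD or DYLD_INSERT_LIBRARIES, and nothing in the function says so. If the script is run outside the Nix generator wrapper, zerotier-one starts without the uid shim and will presumably fail in whatever way originally motivated the fakeroot wrapper. Add a comment above `cmd`, for example `# zerotier-one must see uid 0; the caller preloads libfakeroot (see default.nix)`. The function body starts and continues outside this hunk.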
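Review bot: The added `import sys` has no matching use anywhere in this patch, and it is the only change to `clan_cli/facts/generate.py`, so it looks like a leftover from debugging. Drop the line unless a use of `sys` is meant to arrive in a follow-up commit; pyflakes/ruff will report it as F401 otherwise.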