From e53c4b9205b91525afd42507c39319342561c435 Mon Sep 17 00:00:00 2001
From: adisbladis <adisbladis@gmail.com>
Date: Tue, 21 Jun 2022 23:43:34 +0800
Subject: [PATCH] crun: Don't use hard-coded /usr/bin paths

The paths to newuidmap & newgidmap are currently hard-coded in the binary.
---
 pkgs/applications/virtualization/crun/default.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkgs/applications/virtualization/crun/default.nix b/pkgs/applications/virtualization/crun/default.nix
index 2d35b1c4a039..1a49d7688865 100644
--- a/pkgs/applications/virtualization/crun/default.nix
+++ b/pkgs/applications/virtualization/crun/default.nix
@@ -11,6 +11,7 @@
 , yajl
 , nixosTests
 , criu
+, fetchpatch
 }:
 
 let
@@ -48,6 +49,15 @@ stdenv.mkDerivation rec {
     fetchSubmodules = true;
   };
 
+  patches = [
+    # Should dropped in next release after 1.4.5
+    (fetchpatch {
+      name = "usrbin-paths.patch";
+      url = "https://github.com/containers/crun/commit/dd29f7f7f713c49784ac30f7cdca33b2ef94d5b8.patch";
+      sha256 = "sha256-kHHix8CUL+c8HbOe5qx4PeF1P19113U4bRZyleMUjqk=";
+    })
+  ];
+
   nativeBuildInputs = [ autoreconfHook go-md2man pkg-config python3 ];
 
   buildInputs = [ libcap libseccomp systemd yajl ]