From 855c1bde4285b3ece6c6a6bbd475b36ea0bc10b1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Wed, 28 Jun 2017 15:58:36 +0100
Subject: [PATCH] suid-chroot: do not set suid bit during install

To be useful in nixos, it probably also requires a module to set up a hardening wrapper.
---
 pkgs/tools/system/suid-chroot/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkgs/tools/system/suid-chroot/default.nix b/pkgs/tools/system/suid-chroot/default.nix
index 1278480973f..ebedf5f544e 100644
--- a/pkgs/tools/system/suid-chroot/default.nix
+++ b/pkgs/tools/system/suid-chroot/default.nix
@@ -11,6 +11,7 @@ stdenv.mkDerivation rec {
 
   postPatch = ''
     substituteInPlace Makefile --replace /usr $out
+    sed -i -e '/chmod u+s/d' Makefile
   '';
 
   meta = with stdenv.lib; {