From 05f4fdcbc7b79a96d91912f6094973bca5ef1904 Mon Sep 17 00:00:00 2001
From: Emery Hemingway <ehmry@posteo.net>
Date: Sun, 29 Nov 2020 14:49:52 +0100
Subject: [PATCH] nixos: pass binary seperately from args in systemd wrapper

---
 nixos-modules/systemd-runner.dhall | 11 ++++++++---
 nixos-modules/systemd.nix          | 11 +++++++----
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/nixos-modules/systemd-runner.dhall b/nixos-modules/systemd-runner.dhall
index 78cc769..28b6ca8 100644
--- a/nixos-modules/systemd-runner.dhall
+++ b/nixos-modules/systemd-runner.dhall
@@ -16,7 +16,11 @@ let parentRoutes =
       Prelude.List.map Text Init.ServiceRoute.Type Init.ServiceRoute.parent
 
 in  λ ( params
-      : { args : List Text, coreutils : Text, interface : Optional Text }
+      : { args : List Text
+        , binary : Text
+        , coreutils : Text
+        , interface : Optional Text
+        }
       ) →
       let socketsVfs =
             merge
@@ -112,7 +116,7 @@ in  λ ( params
                 , ExecStart =
                     Child.flat
                       Child.Attributes::{
-                      , binary = "bash"
+                      , binary = params.binary
                       , exitPropagate = True
                       , resources = Genode.Init.Resources::{
                         , caps = 256
@@ -125,10 +129,11 @@ in  λ ( params
                               , stdout = Some "/dev/log"
                               , stderr = Some "/dev/log"
                               , pipe = Some "/dev/pipes"
+                              , rng = Some "/dev/random"
                               , rtc = Some "/dev/rtc"
                               , socket = Some "/dev/sockets"
                               , vfs = [ VFS.leaf "fs" ]
-                              , args = params.args
+                              , args = [ params.binary ] # params.args
                               }
                           )
                         with attributes = toMap { ld_verbose = "yes" }
diff --git a/nixos-modules/systemd.nix b/nixos-modules/systemd.nix
index d86f630..e9e449c 100644
--- a/nixos-modules/systemd.nix
+++ b/nixos-modules/systemd.nix
@@ -43,12 +43,14 @@ with lib; {
               libc
               posix
               vfs
+              vfs_jitterentropy
               vfs_pipe
             ];
           configFile = let
-            args = ''[ "'' + concatStringsSep ''", "''
-              ((lib.strings.splitString " ")
-                (toString service.serviceConfig.ExecStart)) + ''" ]'';
+            args = lib.strings.splitString " "
+              (toString service.serviceConfig.ExecStart);
+            binary = builtins.head args;
+            args' = ''[ "${concatStringsSep ''", "'' (builtins.tail args)}" ]'';
             # TODO: service.environment;
             interface = if service.genode.interface == null then
               "None Text"
@@ -56,7 +58,8 @@ with lib; {
               ''Some "${service.genode.interface}"'';
           in pkgs.writeText "${name'}.dhall" ''
             ${./systemd-runner.dhall} {
-            , args = ${args}
+            , args = ${args'}
+            , binary = "${binary}"
             , coreutils = "${pkgs.coreutils}"
             , interface = ${interface}
             }