Installing .deb file

Hi,

Im trying to install a .deb package, but the unpack stage is breaking.

tar: ./usr/lib/mintter-desktop/chrome-sandbox: Cannot change mode to rwsr-xr-x: Operation not permitted

This is the .nix file:

let pkgs = import <nixpkgs>{};
	std = pkgs.stdenv;
in rec {
	minter-source = std.mkDerivation{
		name = "mintter-source";
		src = pkgs.fetchurl {
			url = "https://github.com/MintterHypermedia/mintter/releases/download/2024.3.1/mintter-desktop_2024.3.1_amd64.deb";
			hash = "sha256-QQr6nsY45Ibyz1K3XNeDRFqmensJ++mYivFuXdoX7Rk=";
		};

		dpkg = pkgs.dpkg;

		buildInputs = [pkgs.dpkg];
		unpackPhase = ''
			dpkg -x $src unpacked
			cp -r unpacked/* $out/
		'';
	};

	minter = pkgs.buildFHSUserEnv {
		name = "mintter";
		targetPkgs = pkgs: [ minter-source ];
		multiPkgs = pkgs: [pkgs.dpkg];
		runScript = "mintter";

	};

}

The fullll error is this

dpkg-deb: error: tar subprocess returned error exit status 2
error: builder for '/nix/store/s2yh8qamagbr3cm8l8x7jwmnz6xlqra7-mintter-source.drv' failed with exit code 2;
       last 4 log lines:
       > Running phase: unpackPhase
       > tar: ./usr/lib/mintter-desktop/chrome-sandbox: Cannot change mode to rwsr-xr-x: Operation not permitted
       > tar: Exiting with failure status due to previous errors
       > dpkg-deb: error: tar subprocess returned error exit status 2
       For full logs, run 'nix log /nix/store/s2yh8qamagbr3cm8l8x7jwmnz6xlqra7-mintter-source.drv'.

Hi,

the Nix sandbox doesn’t allow to create files with the setuid bit set, so tar (used by dpkg) fails to extract the file.

You can tell dpkg to give you the raw tar stream and extract the files yourself, without restoring the setuid bit:

unpackPhase = ''
  dpkg-deb --fsys-tarfile $src | \
    tar -x --no-same-owner
  mv usr $out
'';