Linux: Fix AppImage compatibility by using AppImage file for sudo elevation

When VeraCrypt is run as an AppImage, the veracrypt binary resides in a SquashFS mount under /tmp which is inaccessible to root. Using this path with sudo results in a "command not found" error. This patch detects the AppImage environment by checking both APPIMAGE and APPDIR variables, ensuring the executable path starts with APPDIR and that APPDIR starts with the expected "/tmp/.mount_Veracr" prefix. In this scenario, the AppImage file itself (APPIMAGE) is used as the executable for sudo, resolving the elevation issue.
2025-11-11 02:58:02 -06:00 · 2025-05-10 15:21:19 +09:00
parent 58dd4e031d
commit 745fab60e9
1 changed files with 26 additions and 0 deletions
--- a/src/Core/Unix/CoreService.cpp
+++ b/src/Core/Unix/CoreService.cpp
@@ -430,6 +430,32 @@ namespace VeraCrypt
 							throw SystemException(SRC_POS, errorMsg);
 					}

+#if defined(TC_LINUX)
+                    // AppImage specific handling:
+                    // If running from an AppImage, and appPath is inside the AppImage's mount point (APPDIR),
+                    // and APPDIR has the expected prefix, then use the AppImage file path (APPIMAGE) for sudo.
+                    const char* appImageEnv = getenv("APPIMAGE");
+                    const char* appDirEnv = getenv("APPDIR");
+
+                    if (appImageEnv && appDirEnv)
+                    {
+                        string appDirString = appDirEnv;
+                        string appImageFileString = appImageEnv;
+                        const string appImageMountPrefix = "/tmp/.mount_Veracr"; // Based on observed "/tmp/.mount_VeracrXXXXXX"
+
+                        // Check: APPDIR is not empty,
+                        // appPath starts with APPDIR,
+                        // and APPDIR itself starts with the expected AppImage mount prefix
+                        if (!appDirString.empty() &&
+                            appPath.rfind(appDirString, 0) == 0 &&
+                            appDirString.rfind(appImageMountPrefix, 0) == 0)
+                        {
+                            // All conditions met, this is the AppImage scenario.
+                            // Use the path to the AppImage file itself for sudo.
+                            appPath = appImageFileString;
+                        }
+                    }
+#endif
 					throw_sys_if (dup2 (inPipe->GetReadFD(), STDIN_FILENO) == -1);
 					throw_sys_if (dup2 (outPipe->GetWriteFD(), STDOUT_FILENO) == -1);
 					throw_sys_if (dup2 (errPipe.GetWriteFD(), STDERR_FILENO) == -1);