From 23c10bf98c9311297debfbe6166c6ff2a7df2bfb Mon Sep 17 00:00:00 2001
From: ver4a
Date: Thu, 27 Mar 2025 21:13:49 +0100
Subject: [PATCH] Make setuid/setgid file exceptions more robust.
---
 Dockerfile.kde-nvidia-ver4a | 2 +-
 Dockerfile.kde-ver4a | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Dockerfile.kde-nvidia-ver4a b/Dockerfile.kde-nvidia-ver4a
index e732125..6aaba23 100644
--- a/Dockerfile.kde-nvidia-ver4a
+++ b/Dockerfile.kde-nvidia-ver4a
@@ -22,7 +22,7 @@ RUN dnf5 -y autoremove
 # Remove setuid/setgid binaries
 # Except for polkit-agent-helper-1, it's currently required for interactive authentication with polkit.
-RUN find /usr -mindepth 1 -type f -perm /6000 -regextype posix-extended -not -regex '/usr/lib/polkit-1/polkit-agent-helper-1|/usr/sbin/unix_chkpwd|/usr/bin/fusermount|/usr/bin/fusermount3' -exec sh -c "chmod ug-s '{}' && echo \"Removed setuid/setgid bit(s) from '{}'\"" \;
+RUN find /usr -mindepth 1 -type f -perm /6000 -regextype posix-extended -not -regex '^/usr/lib/polkit-1/polkit-agent-helper-1$|^/usr/sbin/unix_chkpwd$|^/usr/bin/fusermount[0-9]?$' -exec sh -c "chmod ug-s '{}' && echo \"Removed setuid/setgid bit(s) from '{}'\"" \;
 # https://github.com/ostreedev/ostree-rs-ext/issues/159
 RUN ostree container commit
diff --git a/Dockerfile.kde-ver4a b/Dockerfile.kde-ver4a
index db240ab..3752d94 100644
--- a/Dockerfile.kde-ver4a
+++ b/Dockerfile.kde-ver4a
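Review bot: The added `RUN find` line still splices each matched path into the shell text via `sh -c "chmod ug-s '{}' …"`, so a file name under /usr that contains a single quote would close the quoting and the rest of the name would be parsed as shell during the build. The regex change does not touch this. Running chmod directly avoids the shell and keeps the log line, since `-printf` only fires when the preceding `-exec` succeeds: `-exec chmod ug-s {} \; -printf "Removed setuid/setgid bit(s) from '%p'\n"`. The identical line is added in the Dockerfile.kde-ver4a hunk.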
@@ -22,7 +22,7 @@ RUN dnf5 -y autoremove
 # Remove setuid/setgid binaries
 # Except for polkit-agent-helper-1, it's currently required for interactive authentication with polkit.
-RUN find /usr -mindepth 1 -type f -perm /6000 -regextype posix-extended -not -regex '/usr/lib/polkit-1/polkit-agent-helper-1|/usr/sbin/unix_chkpwd|/usr/bin/fusermount|/usr/bin/fusermount3' -exec sh -c "chmod ug-s '{}' && echo \"Removed setuid/setgid bit(s) from '{}'\"" \;
+RUN find /usr -mindepth 1 -type f -perm /6000 -regextype posix-extended -not -regex '^/usr/lib/polkit-1/polkit-agent-helper-1$|^/usr/sbin/unix_chkpwd$|^/usr/bin/fusermount[0-9]?$' -exec sh -c "chmod ug-s '{}' && echo \"Removed setuid/setgid bit(s) from '{}'\"" \;
 # https://github.com/ostreedev/ostree-rs-ext/issues/159
 RUN ostree container commit
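Review bot: `fusermount[0-9]?` on the added line widens the setuid exception list rather than only tightening it: any `/usr/bin/fusermount` followed by a single digit now keeps its setuid bit, where the old pattern named only `fusermount` and `fusermount3`. GNU find's `-regex` already matches against the whole path, so the new `^`/`$` anchors do not change what is matched; `^/usr/bin/fusermount3?$` would keep the allowlist to the two known binaries. The comment above the command still names only polkit-agent-helper-1, and could read `# Exceptions: polkit-agent-helper-1 (interactive polkit auth), unix_chkpwd, fusermount, fusermount3` to match the regex. The same applies to the Dockerfile.kde-nvidia-ver4a hunk.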