[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#51442: Non-default umask when using guix system leads to wrong file
|
From: |
Josselin Poiret |
|
Subject: |
bug#51442: Non-default umask when using guix system leads to wrong file permissions |
|
Date: |
Sat, 30 Oct 2021 20:48:18 +0000 |
Hi,
Ludovic Courtès <ludo@gnu.org> writes:
> Perhaps the best fix would be to set the umask explicitly before
> activation snippets run, like so (untested):
> [snip]
> WDYT?
I forgot about those too! I guess they're run in two different contexts:
once when `guix reconfigure` happens, and another one in the boot
script. This would work here, but not be nearly enough: in init, you
also have the populate-root-file-system procedure which will create many
directories without set permissions, and if they are created with a-r,
it will also cause havok (I think the first issue wonko reported was
about the directories not being readable).
I still think that the whole init/reconfigure commands should have their
umask set to #o022 as a sane default, even for future changes to them:
whatever they're touching is supposed to be "the system" itself and not
user files, so inherited user-set umasks shouldn't matter. It just feels
like we're trying to fight back against 'sudo' preserving things when it
shouldn't but alas.
Best,
Josselin Poiret