GNU bug report logs - #48314
[PATCH] Install guix system on Raspberry Pi

Previous Next

Package: guix-patches;

Reported by: Stefan <stefan-guix <at> vodafonemail.de>

Date: Sun, 9 May 2021 15:33:02 UTC

Severity: normal

Tags: patch

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Maxime Devos <maximedevos <at> telenet.be>
To: phodina <phodina <at> protonmail.com>
Cc: Stefan <stefan-guix <at> vodafonemail.de>, "48314 <at> debbugs.gnu.org" <48314 <at> debbugs.gnu.org>
Subject: [bug#48314] [PATCH v5] Install guix system on Raspberry Pi
Date: Thu, 14 Apr 2022 15:57:35 +0200

[Message part 1 (text/plain, inline)]
phodina schreef op do 14-04-2022 om 13:03 [+0000]:
> ~$ ssh pi <at> 192.168.1.181
> Last login: Thu Apr 14 14:52:56 2022 from 192.168.1.224
> Could not chdir to home directory /home/pi: Permission denied
> -bash: /home/pi/.bash_profile: Permission denied
> -bash-5.1$ id -u
> 1002
> -bash-5.1$ id -gn
> users
> -bash-5.1$ sudo -E /gnu/store/ja92d7xpmyh94gm6n83bajx9dy4h6pbl-bash-5.1.8/bin/bash
> root <at> raspberrypi-guix /# ls -al /home/pi
> total 40
> drwx------ 4 1000 users 4096 Nov 24 08:16 ./

You are logging in as 1002.  /home/pi is owned by ‘1000’.  Is this
difference intentional?

Maybe you have added two users, but with the home directory?
(guesswork).

> As you can see the execute bit is missing. Therefore running

The user has the read-write-execute bits, the group and other don't.

> chmod +x /home/pi/
>
> fixed the problem. But I'm unsure why the home dir was created
> without the those flags.

I'm not on Guix System at the moment, so I cannot tell what the usual
behaviour is, but why wouldn't the home directory be non-group-
executable and non-other executable? 

Unless you want to share the contents of your home to other users on
the system, or if you have a web server that looks for
http://.../~pi/index.html in /home/pi/web/index.html or the like,
restricting readability, writability and executability to the actual
‘owner’ of the directory seems good security practice to me.

Usually, AFAICT, all that's needed is for $HOME to be user-readable,
writable and executable.

(/me quickly does "chmod go-rwx $HOME")

Greetings,
Maxime.

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 2 years and 165 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.