GNU bug report logs - #53752
guix home cannot configure authorized_keys

Previous Next

Package: guix;

Reported by: Zacchaeus Scheffer <zaccysc <at> gmail.com>

Date: Thu, 3 Feb 2022 18:09:02 UTC

Severity: normal

Full log

View this message in rfc822 format

From: Zacchaeus Scheffer <zaccysc <at> gmail.com>
To: 53752 <at> debbugs.gnu.org
Subject: bug#53752: guix home symlink permissions
Date: Thu, 3 Feb 2022 13:08:12 -0500

[Message part 1 (text/plain, inline)]
I finally migrated my home configuration to guix home.  However, it seems
guix home creates all symlinks with 777 permissions.  This causes problems
with openssh as it will not recognize my ~/.ssh/authorized_keys.  It seems
the directories have reasonable permissions (maybe because they already
existed?), but it seems like someone could in theory edit the symlinks
in-place (though I wasn't able to figure that out).

I formulated based on the example in Section 11.1 of the devel user
manual.  You should be able to recreate the problem with (replacing <your
ssh public key here>):

(home-environment
  (services
    (list
      (simple-service
       'my-home-files-service
       home-files-service-type
       (list
         `("ssh/authorized_keys"
            ,(plain-file
               "home-authorized-keys"
               "<your ssh public key here>")))))))

[Message part 2 (text/html, inline)]
This bug report was last modified 3 years and 183 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.