GNU bug report logs - #53752
guix home cannot configure authorized_keys

Previous Next

Package: guix;

Reported by: Zacchaeus Scheffer <zaccysc <at> gmail.com>

Date: Thu, 3 Feb 2022 18:09:02 UTC

Severity: normal

Full log


View this message in rfc822 format

From: Thiago Jung Bauermann <bauermann <at> kolabnow.com>
To: Zacchaeus Scheffer <zaccysc <at> gmail.com>
Cc: 53752 <at> debbugs.gnu.org
Subject: bug#53752: guix home symlink permissions
Date: Thu, 03 Feb 2022 16:56:06 -0300
Hello Zacchaeus,

Em quinta-feira, 3 de fevereiro de 2022, às 15:08:12 -03, Zacchaeus Scheffer 
escreveu:
> I finally migrated my home configuration to guix home.  However, it seems
> guix home creates all symlinks with 777 permissions.  This causes
> problems with openssh as it will not recognize my
> ~/.ssh/authorized_keys.  It seems the directories have reasonable
> permissions (maybe because they already existed?), but it seems like
> someone could in theory edit the symlinks in-place (though I wasn't able
> to figure that out).

In Linux, symlink permissions are meaningless. From the chmod(1) man page:

“chmod never changes the permissions of symbolic links; the chmod system 
call cannot change their permissions.  This is not a problem since the 
permissions of symbolic links are never used.  However,  for  each symbolic 
link listed on the command line, chmod changes the permissions of the 
pointed-to file.  In contrast, chmod ignores symbolic links encountered 
during recursive directory traversals.”

So AFAIK there’s nothing that guix home can do about that.
I don’t know what that implies for OpenSSH and authorized_keys, though.

-- 
Thanks,
Thiago






This bug report was last modified 3 years and 183 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.