GNU bug report logs - #57493
<user-account> should allow for customizing home directory permission bits

Previous Next

Package: guix;

Reported by: "Thompson, David" <dthompson2 <at> worcester.edu>

Date: Tue, 30 Aug 2022 16:54:02 UTC

Severity: normal

Done: Josselin Poiret <dev <at> jpoiret.xyz>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 57493 <at> debbugs.gnu.org (full text, mbox):

From: "Thompson, David" <dthompson2 <at> worcester.edu>
To: 57493 <at> debbugs.gnu.org
Subject: Re: bug#57493: <user-account> should allow for customizing home
 directory permission bits
Date: Sat, 14 Jan 2023 12:21:14 -0500

[Message part 1 (text/plain, inline)]
On Tue, Aug 30, 2022 at 1:10 PM Thompson, David
<dthompson2 <at> worcester.edu> wrote:
>
> Hi Guix,
>
> Issue 56444 (https://issues.guix.gnu.org/56444) was caused by the activate-users+groups procedure in (gnu build activation) unconditionally setting all user home directory permission bits to 700. The fix for that bug was to set the bits for a particular user to 750 in a service activation script.  The fix is quite imperfect, however, because during system reconfiguration the bits are temporarily reset back to 700 by activate-users+groups, breaking Guix's promise of atomicity.  The proper fix would be to add something like a 'home-directory-permission-bits' field to <user-account>, which defaults to 700, and have activate-users+groups use that value.  This way, there will no longer be an unknown amount of time where the bits are reset and potentially breaking some service during that time.

FInally got around to writing a patch for this!

- Dave

[0001-gnu-system-Add-home-directory-permissions-field-to-u.patch (text/x-patch, attachment)]
This bug report was last modified 1 year and 293 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.