GNU bug report logs -
#77968
[PATCH 0/1] gnu: openssh: Trust store items owned by guix-daemon.
Previous Next
Reported by: Sergey Trofimov <sarg <at> sarg.org.ru>
Date: Mon, 21 Apr 2025 17:52:01 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
After migration to rootless guix-daemon on Guix system, ssh started to refuse
operations with the error `Bad owner or permissions on /home/sarg/.ssh/config`.
The config is managed with `home-openssh-service-type` and is a symlink to
/gnu/store/... The file was previously owned by root which is treated specially
in openssh source code.
As a solution I suggest to patch ssh to trust config files in /gnu/store/ As a
workaround users can for now use `ssh -F ~/.ssh/config` as this would skip
ownership checks.
Sergey Trofimov (1):
gnu: openssh: Trust store items owned by guix-daemon.
.../openssh-trust-guix-store-directory.patch | 67 +++++++++++++------
gnu/packages/ssh.scm | 2 +-
2 files changed, 47 insertions(+), 22 deletions(-)
base-commit: 7a7eff34613c9b3357adf39813793f607c03629d
--
2.49.0
This bug report was last modified 16 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.