diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2023-08-20 02:00:00 +0200 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2023-08-20 02:00:00 +0200 |
commit | 5a2c3352d8f8a08a5ba01542a3f282799e503d33 (patch) | |
tree | e88dfd8995312f69692bcc87c6d8ead62337ede7 | |
parent | 37cca1d87e18c257a9697110557a2bfaf9bc684b (diff) | |
download | guix-5a2c3352d8f8a08a5ba01542a3f282799e503d33.tar.gz guix-5a2c3352d8f8a08a5ba01542a3f282799e503d33.zip |
Revert "gnu: system: Add home-directory-permissions field to <user-account>."
This reverts commit e9a5eebc785cb843034b38c5c5a6dd10904bdf2a, which
as far as I can tell breaks system roll-backs thusly:
[...]
In gnu/build/accounts.scm:
239:27 3 (_ #<<password-entry> name: "root" password: "x" uid: 0 gid: 0 real-name: "System >)
In unknown file:
2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #<undefined>)
In ice-9/boot-9.scm:
1685:16 1 (raise-exception _ #:continuable? _)
1685:16 0 (raise-exception _ #:continuable? _)
ice-9/boot-9.scm:1685:16: In procedure raise-exception:
In procedure string-append: Wrong type (expecting string): #t
-rw-r--r-- | doc/guix.texi | 4 | ||||
-rw-r--r-- | gnu/build/activation.scm | 6 | ||||
-rw-r--r-- | gnu/system/accounts.scm | 3 |
3 files changed, 3 insertions, 10 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 6105195bd9..f82bb99069 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -18057,10 +18057,6 @@ administrator's choice; reconfiguring does @emph{not} change their name. @item @code{home-directory} This is the name of the home directory for the account. -@item @code{home-directory-permissions} (default: @code{#o700}) -The permission bits for the home directory. By default, full access is -granted to the user account and all other access is denied. - @item @code{create-home-directory?} (default: @code{#t}) Indicates whether the home directory of this account should be created if it does not exist yet. diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm index fd043ca131..eea2233563 100644 --- a/gnu/build/activation.scm +++ b/gnu/build/activation.scm @@ -162,14 +162,14 @@ owner-writable in HOME." group records) are all available." (define (make-home-directory user) (let ((home (user-account-home-directory user)) - (home-permissions (user-account-home-directory-permissions user)) (pwd (getpwnam (user-account-name user)))) (mkdir-p home) ;; Always set ownership and permissions for home directories of system - ;; accounts. + ;; accounts. If a service needs looser permissions on its home + ;; directories, it can always chmod it in an activation snippet. (chown home (passwd:uid pwd) (passwd:gid pwd)) - (chmod home home-permissions))) + (chmod home #o700))) (define system-accounts (filter (lambda (user) diff --git a/gnu/system/accounts.scm b/gnu/system/accounts.scm index 15b2afe266..e37b733c6d 100644 --- a/gnu/system/accounts.scm +++ b/gnu/system/accounts.scm @@ -29,7 +29,6 @@ user-account-supplementary-groups user-account-comment user-account-home-directory - user-account-home-directory-permissions user-account-create-home-directory? user-account-shell user-account-system? @@ -71,8 +70,6 @@ (comment user-account-comment (default "")) (home-directory user-account-home-directory (thunked) (default (default-home-directory this-record))) - (home-directory-permissions user-account-home-directory-permissions - (default #o700)) (create-home-directory? user-account-create-home-directory? ;Boolean (default #t)) (shell user-account-shell ; gexp |