|
From: | Zacchaeus Scheffer |
Subject: | bug#53752: guix home symlink permissions |
Date: | Mon, 7 Feb 2022 14:47:57 -0500 |
> I finally migrated my home configuration to guix home. However, it
> seems guix home creates all symlinks with 777 permissions. This causes
> problems with openssh as it will not recognize my
> ~/.ssh/authorized_keys. It seems the directories have reasonable
> permissions (maybe because they already existed?), but it seems like
> someone could in theory edit the symlinks in-place (though I wasn't
> able to figure that out).
Instead of using symllinks for ~/.ssh/authorized_keys, you could try to
write a home-activation-service, which
1. creates ~/.ssh with chmod 700
1a. if it already existed, enforces chmod 700 anyways
2. creates authorized_keys with chmod 600 if it doesn't exist
3. writes the authorized keys.I'll try that soon (next 1-3 days), and hopefully then we can close this issue.
[Prev in Thread] | Current Thread | [Next in Thread] |