diff options
| author | Munyoki Kilyungi | 2025-09-17 14:37:38 +0300 |
|---|---|---|
| committer | Munyoki Kilyungi | 2025-09-19 15:36:05 +0300 |
| commit | 08d17df4866835dd1ac62dd5495edca46865e6f2 (patch) | |
| tree | 2af8f014eea3aba6e2f25ac9711ac5844913de30 | |
| parent | 2d3385d1f285352ed96a4e1fd68ea04856e25316 (diff) | |
| download | gn-machines-08d17df4866835dd1ac62dd5495edca46865e6f2.tar.gz | |
genenetwork-development: Fix permissions for repository directories.
* genenetwork-development.scm (genenetwork-service-type): Import (ice-9 ftw). Set top-level directories under REPOSITORIES to mode 0775 so they are writable by the "genenetwork" user/group.
| -rw-r--r-- | genenetwork-development.scm | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/genenetwork-development.scm b/genenetwork-development.scm index 62842b0..0600a48 100644 --- a/genenetwork-development.scm +++ b/genenetwork-development.scm @@ -993,7 +993,8 @@ described by CONFIG, a <genenetwork-configuration> object." (gn2-secrets gn3-secrets auth-db-path gn-auth-secrets gn-doc-git-checkout repositories) (with-imported-modules '((guix build utils)) #~(begin - (use-modules (guix build utils)) + (use-modules (guix build utils) + (ice-9 ftw)) ;; Set ownership of files. (for-each (lambda (file) @@ -1011,6 +1012,16 @@ described by CONFIG, a <genenetwork-configuration> object." #:directories? #t) (find-files #$gn-auth-secrets #:directories? #t)))) + ;; Here we need to set the top-level directories for the + ;; repositories to 0775 so that they are editable by the + ;; "genenetwork" user/group. Otherwise, we get: + ;; guix/build/syscalls.scm:1231:10: In procedure unshare: + ;; 268566528: Invalid argument + (for-each (lambda (dir) + (chmod dir #o775)) + (scandir #$repositories + (lambda (name) (not (member name '("." "..")))))) + ;; Prevent other users from reading secret files. (for-each (lambda (file) (chmod file #o600)) |