From 82f5186650dc5546eaa4cdc918c444632fa8086f Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 27 Feb 2016 23:00:22 +0100 Subject: grafts: Make sure files are not created world-writable. * guix/build/graft.scm (rewrite-directory): Add 'umask' call. --- guix/build/graft.scm | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'guix') diff --git a/guix/build/graft.scm b/guix/build/graft.scm index 0a9cd3260c..b216e6c0d7 100644 --- a/guix/build/graft.scm +++ b/guix/build/graft.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015 Ludovic Courtès +;;; Copyright © 2014, 2015, 2016 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -118,6 +118,11 @@ file name pairs." (else (error "unsupported file type" stat))))) + ;; XXX: Work around occasional "suspicious ownership or permission" daemon + ;; errors that arise when we create the top-level /gnu/store/… directory as + ;; #o777. + (umask #o022) + (n-par-for-each (parallel-job-count) rewrite-leaf (find-files directory))) -- cgit v1.2.3