GNU bug report logs - #51442
Non-default umask when using guix system leads to wrong file permissions

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: guix; Severity: important; Reported by: Josselin Poiret <dev@HIDDEN>; dated Wed, 27 Oct 2021 15:25:01 UTC; Maintainer for guix is bug-guix@HIDDEN.
Severity set to 'important' from 'normal' Request was from Ludovic Courtès <ludo@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 27 Oct 2021 15:24:32 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Oct 27 11:24:32 2021
Received: from localhost ([127.0.0.1]:50223 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1mfkn2-0000pq-EW
	for submit <at> debbugs.gnu.org; Wed, 27 Oct 2021 11:24:32 -0400
Received: from lists.gnu.org ([209.51.188.17]:47610)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <dev@HIDDEN>) id 1mfkmy-0000pe-6k
 for submit <at> debbugs.gnu.org; Wed, 27 Oct 2021 11:24:30 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:60528)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <dev@HIDDEN>) id 1mfkmx-0001tN-CO
 for bug-guix@HIDDEN; Wed, 27 Oct 2021 11:24:27 -0400
Received: from jpoiret.xyz ([206.189.101.64]:34398)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <dev@HIDDEN>) id 1mfkmv-00016b-Ly
 for bug-guix@HIDDEN; Wed, 27 Oct 2021 11:24:26 -0400
Received: from authenticated-user (jpoiret.xyz [206.189.101.64])
 by jpoiret.xyz (Postfix) with ESMTPA id 7F2D5184F41
 for <bug-guix@HIDDEN>; Wed, 27 Oct 2021 15:24:21 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jpoiret.xyz; s=dkim;
 t=1635348261;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=RzgCq5F4pZ/Wl0zcsLyqF8erTdOVwHRs7+T3iZWFihY=;
 b=WIkCF3Vj1E8CgFIr2ht6FcTzA2VlIqyFWT/qvhTki+h8sNwDi/yiMZL+PcMT8EBPJRLffd
 4DjLgSmydkrTErX3rbUNf7aObFqYazR4sM2XiTm6aa5z3IwJkk/ksU/WWluyNpocZoELQy
 3U+1PxQHb49NTSaA8dEGgWjgemBPgjy0LO4bNwhOGAZREcrHDIeMZ70bzc9rLlMdmgvT18
 4AfseC08WhAZCFDHMwfCbRewlLexnrucxFhhWCOn8qQZTx7nSoZnaZTDMweLBrsDq6DUMz
 pK/krckmfdA1QvaH72Ax6W19aMl960Ntt6CvkwUbtgnyln+2fRAkNIu9CMRnmA==
From: Josselin Poiret <dev@HIDDEN>
To: bug-guix@HIDDEN
Subject: Non-default umask when using guix system leads to wrong file
 permissions
Date: Wed, 27 Oct 2021 15:24:20 +0000
Message-ID: <87wnlya3tn.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spamd-Bar: /
Authentication-Results: jpoiret.xyz;
 auth=pass smtp.auth=jpoiret@HIDDEN smtp.mailfrom=dev@HIDDEN
Received-SPF: pass client-ip=206.189.101.64; envelope-from=dev@HIDDEN;
 helo=jpoiret.xyz
X-Spam_score_int: 5
X-Spam_score: 0.5
X-Spam_bar: /
X-Spam_report: (0.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
 DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_SUSPICIOUS_NTLD=0.499,
 FROM_SUSPICIOUS_NTLD_FP=1.999, PDS_OTHER_BAD_TLD=0.1, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 1.7 (+)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  Hi, As reported on IRC by wonko (https://logs.guix.gnu.org/guix/2021-10-27.log#115445),
    when running ‘guix system’ under a different umask, some files are created
    with the wrong permissions. This can [...] 
 
 Content analysis details:   (1.7 points, 10.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  2.0 PDS_OTHER_BAD_TLD      Untrustworthy TLDs
                             [URI: jpoiret.xyz (xyz)]
  0.9 SPF_FAIL               SPF: sender does not match SPF record (fail)
 [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=dev%40jpoiret.xyz;ip=209.51.188.17;r=debbugs.gnu.org]
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 -0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
                             [209.51.188.17 listed in wl.mailspike.net]
 -2.3 RCVD_IN_DNSWL_MED      RBL: Sender listed at https://www.dnswl.org/,
                             medium trust
                             [209.51.188.17 listed in list.dnswl.org]
  0.5 FROM_SUSPICIOUS_NTLD_FP From abused NTLD
  0.5 FROM_SUSPICIOUS_NTLD   From abused NTLD
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: 0.1 (/)

Hi,

As reported on IRC by wonko
(https://logs.guix.gnu.org/guix/2021-10-27.log#115445), when running
=E2=80=98guix system=E2=80=99 under a different umask, some files are creat=
ed with the
wrong permissions.  This can happen because =E2=80=98sudo=E2=80=99 does by =
default keeps
the umask it is running on (by ORing it with the default one, often
022).

I'm not sure what would be the best way to go about this, I suggest
checking if umask =3D=3D #o022, and if not, print a warning and set it to
#o022, and only in =E2=80=98guix system=E2=80=99.

What do you think?

Best,
Josselin Poiret




Acknowledgement sent to Josselin Poiret <dev@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-guix@HIDDEN. Full text available.
Report forwarded to bug-guix@HIDDEN:
bug#51442; Package guix. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Thu, 28 Oct 2021 23:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.