Skip to content

Commit

Permalink
make-disk-image.nix: Really fix write permissions in the store
Browse files Browse the repository at this point in the history 
I think the current one applies the -exec only to those that match
'-type d'. Let's switch it to something that humans can understand...

(cherry picked from commit 758b4c1)

(Yes it should use 'find -print0 | xargs -0' but I'm really afraid of
screwing up again in the same way. Nix doesn't allow spaces and/or
newlines in store paths anyway and it has -maxdepth 1 -mindepth 1 so it
won't fail in practice. If someone can provide a *tested* that doesn't
suffer from the same problems, feel free to improve.)
  • Loading branch information
@dezgeg
dezgeg committed Dec 20, 2017
1 parent 22c7923 commit a7664a6
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion nixos/lib/make-disk-image.nix
View file
Expand Up @@ -125,7 +125,7 @@ let
fakeroot nixos-prepare-root $root ${channelSources} ${config.system.build.toplevel} closure
# fakeroot seems to always give the owner write permissions, which we do not want
find $root/nix/store -mindepth 1 -maxdepth 1 -type f -o -type d -exec chmod -R a-w '{}' \;
find $root/nix/store -mindepth 1 -maxdepth 1 -type f -o -type d | xargs chmod -R a-w
echo "copying staging root to image..."
cptofs ${pkgs.lib.optionalString partitioned "-P 1"} -t ${fsType} -i $diskImage $root/* /
Expand Down

6 comments on commit a7664a6

@copumpkin
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand how this differs!

@dezgeg
Copy link
Contributor Author

@dezgeg dezgeg commented on a7664a6 Dec 20, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand either.

@dezgeg
Copy link
Contributor Author

@dezgeg dezgeg commented on a7664a6 Dec 20, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

+ mkdir /tmp/destdir
+ mkdir /tmp/destdir/dir
+ touch /tmp/destdir/file
+ find /tmp/destdir/ -type f -o -type d -exec echo '{}' ';'
/tmp/destdir/
/tmp/destdir/dir
+ find /tmp/destdir/ '(' -type f -o -type d ')' -exec echo '{}' ';'
/tmp/destdir/
/tmp/destdir/file
/tmp/destdir/dir

@copumpkin
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So the exec is somehow treated as part of the predicate?? Ugh 😄

@dezgeg
Copy link
Contributor Author

@dezgeg dezgeg commented on a7664a6 Dec 20, 2017
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah. I suppose it's a "feature" so that one can do uber complex things like find -type f -exec command-if-file '{}' \; -o -type d -exec command-if-directory '{}' \; all in a single find command...

@copumpkin
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense I guess 😄

Please sign in to comment.