diff options
author | Bjørn Forsman <bjorn.forsman@gmail.com> | 2024-04-06 00:40:07 +0200 |
---|---|---|
committer | Bjørn Forsman <bjorn.forsman@gmail.com> | 2024-04-06 16:38:11 +0200 |
commit | 786141228f3a7d00dc696ae6600f36953710053a (patch) | |
tree | d2e0f1b0ddbae1139e1643388f956db2f51f7896 | |
parent | 9c926d3de2d4a6791129c7c08177ed63f3db3e55 (diff) |
nixos/borgbackup: fix directory ownership regression
Re-add separate creation of the ~/.config and ~/.cache directories so
that they get correct ownership. Or else they get owned by root.
systemd-tmpfiles also warns about it:
machine # [ 3.022195] systemd-tmpfiles[472]: Detected unsafe path transition /home/user1 (owned by user1) → /home/user1/.cache (owned by root) during canonicalization of home/user1/.cache.
machine # [ 3.024566] systemd-tmpfiles[472]: Detected unsafe path transition /home/user1 (owned by user1) → /home/user1/.config (owned by root) during canonicalization of home/user1/.config.
Fixes: 8d3cf213db5a2323 ("nixos/borgbackup: replace activationScript via tmpfiles")
-rw-r--r-- | nixos/modules/services/backup/borgbackup.nix | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/nixos/modules/services/backup/borgbackup.nix b/nixos/modules/services/backup/borgbackup.nix index 6f4455d3be60..ad6194f8262a 100644 --- a/nixos/modules/services/backup/borgbackup.nix +++ b/nixos/modules/services/backup/borgbackup.nix @@ -147,6 +147,9 @@ let let settings = { inherit (cfg) user group; }; in lib.nameValuePair "borgbackup-job-${name}" ({ + # Create parent dirs separately, to ensure correct ownership. + "${config.users.users."${cfg.user}".home}/.config".d = settings; + "${config.users.users."${cfg.user}".home}/.cache".d = settings; "${config.users.users."${cfg.user}".home}/.config/borg".d = settings; "${config.users.users."${cfg.user}".home}/.cache/borg".d = settings; } // optionalAttrs (isLocalPath cfg.repo && !cfg.removableDevice) { |