Hello Zacchaeus, Em quinta-feira, 3 de fevereiro de 2022, às 15:08:12 -03, Zacchaeus Scheffer escreveu: > I finally migrated my home configuration to guix home. However, it seems > guix home creates all symlinks with 777 permissions. This causes > problems with openssh as it will not recognize my > ~/.ssh/authorized_keys. It seems the directories have reasonable > permissions (maybe because they already existed?), but it seems like > someone could in theory edit the symlinks in-place (though I wasn't able > to figure that out).
In Linux, symlink permissions are meaningless. From the chmod(1) man page: “chmod never changes the permissions of symbolic links; the chmod system call cannot change their permissions. This is not a problem since the permissions of symbolic links are never used. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed-to file. In contrast, chmod ignores symbolic links encountered during recursive directory traversals.” So AFAIK there’s nothing that guix home can do about that. I don’t know what that implies for OpenSSH and authorized_keys, though. -- Thanks, Thiago
