M nix/nix-daemon/guix-daemon.cc => nix/nix-daemon/guix-daemon.cc +6 -0
@@ 29,6 29,7 @@
#include <argp.h>
#include <unistd.h>
#include <sys/types.h>
+#include <sys/stat.h>
#include <exception>
/* Variables used by `nix-daemon.cc'. */
@@ 194,6 195,11 @@ main (int argc, char *argv[])
exit (EXIT_FAILURE);
}
+ /* Set the umask so that the daemon does not end up creating group-writable
+ files, which would lead to "suspicious ownership or permission" errors.
+ See <http://lists.gnu.org/archive/html/bug-guix/2013-07/msg00033.html>. */
+ umask (S_IWGRP | S_IWOTH);
+
#ifdef HAVE_CHROOT
settings.useChroot = true;
#else
M test-env.in => test-env.in +0 -4
@@ 56,10 56,6 @@ then
# Do that because store.scm calls `canonicalize-path' on it.
mkdir -p "$NIX_STORE_DIR"
- # Set the umask to avoid "suspicious ownership or permission" errors.
- # See <http://lists.gnu.org/archive/html/bug-guix/2013-07/msg00033.html>.
- umask 0022
-
# Launch the daemon without chroot support because is may be
# unavailable, for instance if we're not running as root.
"@abs_top_builddir@/pre-inst-env" \