services: gitolite: Relax permissions on service user home directory.

Fixes https://issues.guix.gnu.org/56444 * gnu/services/version-control.scm (gitolite-activation): Modify permissions on home directory so that git group has read access. Reported-by: Evgeny Pisemsky <evgeny@pisemsky.com> Experienced by David Thompson for years, wondering what was wrong. Thanks for finding the root cause, Evgeny! :)
2022-08-19 09:20:06 -04:00 · 2022-08-19 09:20:06 -04:00 · 9b5b1dde32
commit 9b5b1dde32
parent c19a432652
1 changed files with 8 additions and 0 deletions
--- a/gnu/services/version-control.scm
+++ b/gnu/services/version-control.scm
@ -331,6 +331,14 @@ access to exported repositories under @file{/srv/git}."
                               (strip-store-file-name admin-pubkey))))
                (rc-file #$(string-append home "/.gitolite.rc")))

+           ;; activate-users+groups in (gnu build activation) sets the
+           ;; permission flags of home directories to #o700 and mentions that
+           ;; services needing looser permissions should chmod it during
+           ;; service activation.  We also want the git group to be able to
+           ;; read from the gitolite home directory, so a chmod'ing we will
+           ;; go!
+           (chmod #$home #o750)
+
           (simple-format #t "guix: gitolite: installing ~A\n" #$rc-file)
           (copy-file #$rc-file rc-file)
           ;; ensure gitolite's user can read the configuration