[Nix-dev] Change owner and permissions of a file in nix-store
Luca Bruno
lethalman88 at gmail.com
Wed Dec 16 20:05:49 CET 2015
I think a good workaround to avoid using absolute paths in general (which
thus allows for exchanging derivations between machines) may work as
follows:
1. The derivation creates a tar. In a tar, you can set the permissions and
ownership you want.
2. Create some activation script that untars the archive preserving the
permissions under some path.
On Wed, Dec 16, 2015 at 7:35 PM, Eelco Dolstra <eelco.dolstra at logicblox.com>
wrote:
> Hi,
>
> On 16/12/15 16:07, Augustin Borsu wrote:
>
> > I'm using the following snippet to deploy a private key and certificate
> > to my server using nixops.
> > I was wondering, is it possible to change the owner and permissions of
> > files in the nix-store?
>
> No, this is not currently possible. There is a PR open for adding support
> for
> private files [1].
>
> An alternative solution would be support for encrypted files in the Nix
> store
> (i.e. secrets get encrypted at evaluation time, and decrypted at runtime).
> I
> implemented a prototype a while back [2], but it's not merged either.
>
> [1] https://github.com/NixOS/nix/pull/329
>
> [2]
>
> https://github.com/edolstra/nix/commit/6b7003672ff8d73d2a1f3b6709b216b3d0a7ad9c
> ,
> example usage for wpa_supplicant.conf keys:
>
> https://github.com/edolstra/nixpkgs/commit/4c8212069429bf9fb959e00ce8d9345ac7cb7ff0
>
> --
> Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
--
NixOS Linux <http://nixos.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20151216/d13ac012/attachment.html
More information about the nix-dev
mailing list