diff options
author | Markus Kowalewski <markus.kowalewski@gmail.com> | 2021-05-01 00:15:55 +0200 |
---|---|---|
committer | Markus Kowalewski <markus.kowalewski@gmail.com> | 2021-05-01 00:15:55 +0200 |
commit | d07185f986c63fd062c6de0b59096365836a5679 (patch) | |
tree | 7498e4637cf89d7f78db3e69f335b55457cb82b1 /nixos/modules | |
parent | a5c0b6fc95104acbcfd9ff0f61e3b106102f2ad0 (diff) | |
download | nixlib-d07185f986c63fd062c6de0b59096365836a5679.tar nixlib-d07185f986c63fd062c6de0b59096365836a5679.tar.gz nixlib-d07185f986c63fd062c6de0b59096365836a5679.tar.bz2 nixlib-d07185f986c63fd062c6de0b59096365836a5679.tar.lz nixlib-d07185f986c63fd062c6de0b59096365836a5679.tar.xz nixlib-d07185f986c63fd062c6de0b59096365836a5679.tar.zst nixlib-d07185f986c63fd062c6de0b59096365836a5679.zip |
nixos/slurm: fix creation of slurmdbd config file
replace cp/chmod by install to avoid security issues. See https://github.com/NixOS/nixpkgs/issues/121293
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/computing/slurm/slurm.nix | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/nixos/modules/services/computing/slurm/slurm.nix b/nixos/modules/services/computing/slurm/slurm.nix index 0b52f8afed83..a3dee94e2dc5 100644 --- a/nixos/modules/services/computing/slurm/slurm.nix +++ b/nixos/modules/services/computing/slurm/slurm.nix @@ -403,9 +403,7 @@ in requires = [ "munged.service" "mysql.service" ]; preStart = '' - cp ${slurmdbdConf} ${configPath} - chmod 600 ${configPath} - chown ${cfg.user} ${configPath} + install -m 600 -o ${cfg.user} -T ${slurmdbdConf} ${configPath} ${optionalString (cfg.dbdserver.storagePassFile != null) '' echo "StoragePass=$(cat ${cfg.dbdserver.storagePassFile})" \ >> ${configPath} |