about summary refs log tree commit diff
path: root/nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch
diff options
context:
space:
mode:
authorAlyssa Ross <hi@alyssa.is>2023-08-23 10:09:14 +0000
committerAlyssa Ross <hi@alyssa.is>2023-08-26 09:07:03 +0000
commit63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f (patch)
treed58934cb48f9c953b19a0d0d5cffc0d0c5561471 /nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch
parentc4eef3dacb2a3d359561f30917d9e3cc4e041be9 (diff)
parent91a22f76cd1716f9d0149e8a5c68424bb691de15 (diff)
downloadnixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.gz
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.bz2
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.lz
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.xz
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.zst
nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.zip
Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs
Conflicts:
	nixpkgs/pkgs/build-support/go/module.nix
	nixpkgs/pkgs/development/python-modules/django-mailman3/default.nix
Diffstat (limited to 'nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch')
-rw-r--r--nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch40
1 files changed, 40 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch b/nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch
new file mode 100644
index 000000000000..48aa60d4f0d1
--- /dev/null
+++ b/nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch
@@ -0,0 +1,40 @@
+From 29af78b112f7956ac1211fbfec2eadbf4caca40f Mon Sep 17 00:00:00 2001
+From: Yaya <yaya@uwu.is>
+Date: Sun, 6 Aug 2023 00:02:40 +0000
+Subject: [PATCH] Revert "Config: Restrict permissions of OTP config file"
+
+This reverts commit 4befb3b1d02f32eb2c56f12e4684a7bb3167b0ee.
+
+The Nix store is world readable by design.
+---
+ lib/pleroma/config/release_runtime_provider.ex | 14 --------------
+ 1 file changed, 14 deletions(-)
+
+diff --git a/lib/pleroma/config/release_runtime_provider.ex b/lib/pleroma/config/release_runtime_provider.ex
+index 9ec0f975e..91e5f1a54 100644
+--- a/lib/pleroma/config/release_runtime_provider.ex
++++ b/lib/pleroma/config/release_runtime_provider.ex
+@@ -20,20 +20,6 @@ def load(config, opts) do
+ 
+     with_runtime_config =
+       if File.exists?(config_path) do
+-        # <https://git.pleroma.social/pleroma/pleroma/-/issues/3135>
+-        %File.Stat{mode: mode} = File.lstat!(config_path)
+-
+-        if Bitwise.band(mode, 0o007) > 0 do
+-          raise "Configuration at #{config_path} has world-permissions, execute the following: chmod o= #{config_path}"
+-        end
+-
+-        if Bitwise.band(mode, 0o020) > 0 do
+-          raise "Configuration at #{config_path} has group-wise write permissions, execute the following: chmod g-w #{config_path}"
+-        end
+-
+-        # Note: Elixir doesn't provides a getuid(2)
+-        # so cannot forbid group-read only when config is owned by us
+-
+         runtime_config = Config.Reader.read!(config_path)
+ 
+         with_defaults
+-- 
+2.40.1
+
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-11 14:22:46 +0000