CreateOrMergeNixConfig: set expected nix.conf mode to 644, not 664 (#…

…1316) * CreateOrMergeNixConfig: set expected nix.conf mode to 644, not 664 It has apparently been like this since the start[1], but that was probably a typo. Let's stop perpetuating it. [1]: https://github.com/NixOS/nix/blob/121020fc508b5731209cc158986f1e78fb99ed9f/scripts/install-multi-user.sh#L967 * CreateOrMergeNixConfig: don't error when mode is different When we write out the new or merged config, we'll set it to our expected mode anyways, so there's no need to error if it's different.
DeterminateSystems · Dec 9, 2024 · 82a6444 · 82a6444
1 parent 229832d
commit 82a6444
Showing 1 changed file with 1 addition and 14 deletions.
diff --git a/src/action/base/create_or_merge_nix_config.rs b/src/action/base/create_or_merge_nix_config.rs
@@ -18,7 +18,7 @@ use crate::action::{
 /// The `nix.conf` configuration names that are safe to merge.
 // FIXME(@cole-h): make configurable by downstream users?
 const MERGEABLE_CONF_NAMES: &[&str] = &["experimental-features"];
-const NIX_CONF_MODE: u32 = 0o664;
+const NIX_CONF_MODE: u32 = 0o644;
 const NIX_CONF_COMMENT_CHAR: char = '#';
 
 #[non_exhaustive]
@@ -147,19 +147,6 @@ impl CreateOrMergeNixConfig {
             return Err(Self::error(ActionErrorKind::PathWasNotFile(path)));
         }
 
-        // Does the file have the right permissions?
-        let discovered_mode = metadata.permissions().mode();
-        // We only care about user-group-other permissions
-        let discovered_mode = discovered_mode & 0o777;
-
-        if discovered_mode != NIX_CONF_MODE {
-            return Err(Self::error(ActionErrorKind::PathModeMismatch(
-                path,
-                discovered_mode,
-                NIX_CONF_MODE,
-            )));
-        }
-
         let existing_nix_config = NixConfig::parse_file(&path)
             .map_err(CreateOrMergeNixConfigError::ParseNixConfig)
             .map_err(Self::error)?;