Why NixOS keeps changing permissions on /etc/nixos

Hi! I wanted to give myself permissions to edit /etc/nixos directory. So I created group nixos, added myself to it, changed group on that folder and its content and chmoded 775. And generally it works, but sometimes the permissions return to 755 on that folder… Group ownership stays on nixos.
Why is this happening? It seems like NixOS interprets that as an error and fixes it.

Is there a way to declare certain directories’ permissions?

Best,
Miro

Pretty sure this is why: nixpkgs/nixos/modules/system/boot/stage-2-init.sh at 8ed1fafea6a613d962f6a84c1153d34dc8b06d83 · NixOS/nixpkgs · GitHub

You can try using tmpfiles (yes, despite the name), but chances are you’re doing this to make your configuration.nix writeable by your user. I’d suggest putting the config in your home directory instead, and telling nix where it is by setting nixos-config=/home/user/some/subdir in your nix path instead.

Also be careful with auto updates if you do this, user processes could in theory change your config under your feet, so make sure to keep it in git and check for changes before you nixos-rebuild.

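Added example, not part of any post in this thread: a pre-rebuild check for the advice above to keep the configuration in git and look for changes before running nixos-rebuild. The function names are assumptions of this example; it lists paths that someone other than the owner can write to and refuses to proceed when the work tree has uncommitted changes.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Print every path under $1 that its group or other users can write to.
# Symlinks are skipped (their mode bits are always 777) and .git is pruned.
writable_by_non_owner() {
    find "$1" -name .git -prune -o ! -type l \( -perm -020 -o -perm -002 \) -print
}

# Print uncommitted and untracked changes in the git work tree at $1.
# Returns 2 when $1 is not a git work tree or git is not installed.
uncommitted_changes() {
    git -C "$1" rev-parse --is-inside-work-tree >/dev/null 2>&1 || return 2
    git -C "$1" status --porcelain
}

# Return 0 only when the config in $1 is tracked by git and has no pending
# changes. Writable paths are reported as information: they show where
# another account or process could have edited the config.
preflight() {
    dir=$1
    rc=0
    status=0
    loose=$(writable_by_non_owner "$dir")
    if [ -n "$loose" ]; then
        printf 'writable by group or others:\n%s\n' "$loose" >&2
    fi
    changes=$(uncommitted_changes "$dir") || status=$?
    if [ "$status" -eq 2 ]; then
        echo "$dir is not a git work tree, nothing to compare against" >&2
        rc=1
    elif [ -n "$changes" ]; then
        printf 'uncommitted changes, review before rebuilding:\n%s\n' "$changes" >&2
        rc=1
    fi
    return "$rc"
}
```

After sourcing the file, `preflight /home/user/some/subdir && sudo nixos-rebuild switch` only rebuilds when the check passes.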

Mhm, yeah… I saw someone creating a systemd unit which chmods the proper permissions, I think I’ll do that.

systemd.tmpfiles is probably a better version of that.

Thanks, I’ve read about it, would that be a proper setup?

  systemd.tmpfiles.rules = [
    "d /etc/nixos 0775 root nix"
  ];

Yeah, that’ll probably work, though I would prefer the settings since it is both more readable and composes better:

systemd.tmpfiles.settings."10-nixos-directory"."/etc/nixos".d = {
  group = "nix";
  mode = "0775"; # group-writable, as in the tmpfiles rule above
};

It worked, but I’ll do your version:)

This seems… strange? I feel like stage-2-init.sh does not need to be doing this.


I didn’t pin down when exactly this happens but several times I had to chmod /etc/nixos to the proper permission for me. (maybe after a boot?..)

Yes, that’s because of the line in stage-2-init.sh. I’m just questioning why we have that line in stage-2-init.sh. It seems completely unnecessary and creates confusion like this.

:slight_smile: I’m just a humble user grateful that NixOS is free and that the community is helpful.