diff options
| author | Markus Kowalewski <markus.kowalewski@gmail.com> | 2021-05-01 00:15:55 +0200 |
|---|---|---|
| committer | Markus Kowalewski <markus.kowalewski@gmail.com> | 2021-05-01 00:15:55 +0200 |
| commit | d07185f986c63fd062c6de0b59096365836a5679 (patch) | |
| tree | 7498e4637cf89d7f78db3e69f335b55457cb82b1 /nixos | |
| parent | a5c0b6fc95104acbcfd9ff0f61e3b106102f2ad0 (diff) | |
| download | nixpkgs-d07185f986c63fd062c6de0b59096365836a5679.tar nixpkgs-d07185f986c63fd062c6de0b59096365836a5679.tar.gz nixpkgs-d07185f986c63fd062c6de0b59096365836a5679.tar.bz2 nixpkgs-d07185f986c63fd062c6de0b59096365836a5679.tar.lz nixpkgs-d07185f986c63fd062c6de0b59096365836a5679.tar.xz nixpkgs-d07185f986c63fd062c6de0b59096365836a5679.tar.zst nixpkgs-d07185f986c63fd062c6de0b59096365836a5679.zip | |
nixos/slurm: fix creation of slurmdbd config file
replace cp/chmod by install to avoid security issues. See https://github.com/NixOS/nixpkgs/issues/121293
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/computing/slurm/slurm.nix | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/nixos/modules/services/computing/slurm/slurm.nix b/nixos/modules/services/computing/slurm/slurm.nix index 0b52f8afed8..a3dee94e2dc 100644 --- a/nixos/modules/services/computing/slurm/slurm.nix +++ b/nixos/modules/services/computing/slurm/slurm.nix @@ -403,9 +403,7 @@ in requires = [ "munged.service" "mysql.service" ]; preStart = '' - cp ${slurmdbdConf} ${configPath} - chmod 600 ${configPath} - chown ${cfg.user} ${configPath} + install -m 600 -o ${cfg.user} -T ${slurmdbdConf} ${configPath} ${optionalString (cfg.dbdserver.storagePassFile != null) '' echo "StoragePass=$(cat ${cfg.dbdserver.storagePassFile})" \ >> ${configPath} |