summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2022-05-28 12:19:51 +0200
committerlassulus <lassulus@lassul.us>2022-05-28 12:19:51 +0200
commit3c2e24df1cb4a80481fa2c123fa910692c4f21a2 (patch)
treed45dcbf2724fc946ff78d3f53075414081328ba0
parentd9fe5d46299206730e88ba61a32f4a34c6eea44c (diff)
acl: run mkdir, skip /
-rw-r--r--krebs/3modules/acl.nix19
1 files changed, 11 insertions, 8 deletions
diff --git a/krebs/3modules/acl.nix b/krebs/3modules/acl.nix
index 9cdbb6cff..d23706499 100644
--- a/krebs/3modules/acl.nix
+++ b/krebs/3modules/acl.nix
@@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }: let
parents = dir:
if dir == "/" then
- [ dir ]
+ []
else
[ dir ] ++ parents (builtins.dirOf dir)
;
@@ -40,13 +40,16 @@ in {
pkgs.coreutils
];
serviceConfig = {
- ExecStart = pkgs.writers.writeDash "acl" (lib.concatStrings (
- lib.mapAttrsToList (_: rule: ''
- setfacl -${lib.optionalString rule.recursive "R"}m ${rule.rule} ${path}
- ${lib.optionalString rule.default "setfacl -${lib.optionalString rule.recursive "R"}dm ${rule.rule} ${path}"}
- ${lib.optionalString rule.parents (lib.concatMapStringsSep "\n" (folder: "setfacl -m ${rule.rule} ${folder}") (parents path))}
- '') rules
- ));
+ ExecStart = pkgs.writers.writeDash "acl" ''
+ mkdir -p "${path}"
+ ${lib.concatStrings (
+ lib.mapAttrsToList (_: rule: ''
+ setfacl -${lib.optionalString rule.recursive "R"}m ${rule.rule} ${path}
+ ${lib.optionalString rule.default "setfacl -${lib.optionalString rule.recursive "R"}dm ${rule.rule} ${path}"}
+ ${lib.optionalString rule.parents (lib.concatMapStringsSep "\n" (folder: "setfacl -m ${rule.rule} ${folder}") (parents (builtins.dirOf path)))}
+ '') rules
+ )}
+ '';
RemainAfterExit = true;
Type = "simple";
};