From 9f09903aff038533450a134a3c12e0e3e29c4ce6 Mon Sep 17 00:00:00 2001 From: Josselin Poiret Date: Mon, 24 Apr 2023 21:59:03 +0200 Subject: system: guix: Use config's ACL file location. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/base.scm (substitute-key-authorization): Use %acl-file instead of hardcoded "/etc/guix/acl". Signed-off-by: Ludovic Courtès --- gnu/services/base.scm | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'gnu/services') diff --git a/gnu/services/base.scm b/gnu/services/base.scm index e8eae72aa2..4adb551796 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -83,6 +83,7 @@ #:use-module (guix gexp) #:use-module (guix records) #:use-module (guix modules) + #:use-module (guix pki) #:use-module ((guix self) #:select (make-config.scm)) #:use-module (guix diagnostics) #:use-module (guix i18n) @@ -1727,19 +1728,19 @@ archive' public keys, with GUIX." (with-imported-modules '((guix build utils)) #~(begin (use-modules (guix build utils)) - + (define acl-file #$%acl-file) ;; If the ACL already exists, move it out of the way. Create a backup ;; if it's a regular file: it's likely that the user manually updated ;; it with 'guix archive --authorize'. - (if (file-exists? "/etc/guix/acl") - (if (and (symbolic-link? "/etc/guix/acl") - (store-file-name? (readlink "/etc/guix/acl"))) - (delete-file "/etc/guix/acl") - (rename-file "/etc/guix/acl" "/etc/guix/acl.bak")) - (mkdir-p "/etc/guix")) + (if (file-exists? acl-file) + (if (and (symbolic-link? acl-file) + (store-file-name? (readlink acl-file))) + (delete-file acl-file) + (rename-file acl-file (string-append acl-file ".bak"))) + (mkdir-p (dirname acl-file))) ;; Installed the declared ACL. - (symlink #+default-acl "/etc/guix/acl")))) + (symlink #+default-acl acl-file)))) (define %default-authorized-guix-keys ;; List of authorized substitute keys. -- cgit 1.4.1