diff options
author | lassulus <lassulus@lassul.us> | 2022-05-28 12:19:51 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2022-05-28 12:19:51 +0200 |
commit | 3c2e24df1cb4a80481fa2c123fa910692c4f21a2 (patch) | |
tree | d45dcbf2724fc946ff78d3f53075414081328ba0 /krebs | |
parent | d9fe5d46299206730e88ba61a32f4a34c6eea44c (diff) |
acl: run mkdir, skip /
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/3modules/acl.nix | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/krebs/3modules/acl.nix b/krebs/3modules/acl.nix index 9cdbb6cff..d23706499 100644 --- a/krebs/3modules/acl.nix +++ b/krebs/3modules/acl.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let parents = dir: if dir == "/" then - [ dir ] + [] else [ dir ] ++ parents (builtins.dirOf dir) ; @@ -40,13 +40,16 @@ in { pkgs.coreutils ]; serviceConfig = { - ExecStart = pkgs.writers.writeDash "acl" (lib.concatStrings ( - lib.mapAttrsToList (_: rule: '' - setfacl -${lib.optionalString rule.recursive "R"}m ${rule.rule} ${path} - ${lib.optionalString rule.default "setfacl -${lib.optionalString rule.recursive "R"}dm ${rule.rule} ${path}"} - ${lib.optionalString rule.parents (lib.concatMapStringsSep "\n" (folder: "setfacl -m ${rule.rule} ${folder}") (parents path))} - '') rules - )); + ExecStart = pkgs.writers.writeDash "acl" '' + mkdir -p "${path}" + ${lib.concatStrings ( + lib.mapAttrsToList (_: rule: '' + setfacl -${lib.optionalString rule.recursive "R"}m ${rule.rule} ${path} + ${lib.optionalString rule.default "setfacl -${lib.optionalString rule.recursive "R"}dm ${rule.rule} ${path}"} + ${lib.optionalString rule.parents (lib.concatMapStringsSep "\n" (folder: "setfacl -m ${rule.rule} ${folder}") (parents (builtins.dirOf path)))} + '') rules + )} + ''; RemainAfterExit = true; Type = "simple"; }; |