nixos/atd: prefer 'install' over 'mkdir/chmod/chown'

I don't think there was a security issue here, but using 'install' is preferred. Ref #121293.
3 years ago · 225d915e5c
parent 7ee53c0c4f
commit 225d915e5c
1 changed files with 3 additions and 8 deletions
--- a/nixos/modules/services/scheduling/atd.nix
+++ b/nixos/modules/services/scheduling/atd.nix
@ -81,14 +81,9 @@ in
        jobdir=/var/spool/atjobs
        etcdir=/etc/at

-        for dir in "$spooldir" "$jobdir" "$etcdir"; do
-          if [ ! -d "$dir" ]; then
-              mkdir -p "$dir"
-              chown atd:atd "$dir"
-          fi
-        done
-        chmod 1770 "$spooldir" "$jobdir"
-        ${if cfg.allowEveryone then ''chmod a+rwxt "$spooldir" "$jobdir" '' else ""}
+        install -dm755 -o atd -g atd "$etcdir"
+        spool_and_job_dir_perms=${if cfg.allowEveryone then "1777" else "1770"}
+        install -dm"$spool_and_job_dir_perms" -o atd -g atd "$spooldir" "$jobdir"
        if [ ! -f "$etcdir"/at.deny ]; then
            touch "$etcdir"/at.deny
            chown root:atd "$etcdir"/at.deny