diff options
Diffstat (limited to 'guix/scripts/pull.scm')
| -rw-r--r-- | guix/scripts/pull.scm | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm index f01764637b..b0cc459d63 100644 --- a/guix/scripts/pull.scm +++ b/guix/scripts/pull.scm @@ -20,6 +20,7 @@ (define-module (guix scripts pull) #:use-module ((guix ui) #:hide (display-profile-content)) + #:use-module (guix diagnostics) #:use-module (guix colors) #:use-module (guix utils) #:use-module ((guix status) #:select (with-status-verbosity)) @@ -786,6 +787,35 @@ Use '~/.config/guix/channels.scm' instead.")) channels)) channels))) +(define (validate-cache-directory-ownership) + "Bail out if the cache directory is not owned by the current user." + (let ((stats dir + (let loop ((dir (cache-directory))) + (let ((stats (stat dir #f))) + (if stats + (values stats dir) + (loop (dirname dir))))))) + (let ((dir:uid (stat:uid stats)) + (our:uid (getuid))) + (unless (= dir:uid our:uid) + (let* ((user (lambda (uid) ;handle the unthinkable invalid UID + (or (false-if-exception (passwd:name + (getpwuid uid))) + uid))) + (our:user (user our:uid)) + (dir:user (user dir:uid))) + (raise + (make-compound-condition + (formatted-message + (G_ "directory '~a' is not owned by user ~a") + dir our:user) + (condition + (&fix-hint + (hint + (format #f (G_ "You should run this command as ~a; use \ +@command{sudo -i} or equivalent if you really want to pull as ~a.") + dir:user our:user))))))))))) + (define-command (guix-pull . args) (synopsis "pull the latest revision of Guix") @@ -810,6 +840,10 @@ Use '~/.config/guix/channels.scm' instead.")) ((assoc-ref opts 'generation) (process-generation-change opts profile)) (else + ;; Bail out early when users accidentally run, e.g., ’sudo guix pull’. + ;; If CACHE-DIRECTORY doesn't yet exist, test where it would end up. + (validate-cache-directory-ownership) + (with-store store (with-status-verbosity (assoc-ref opts 'verbosity) (parameterize ((%current-system (assoc-ref opts 'system)) |