From ee0f3e7ad9aa61f02283eb1c18f670703eea20ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Niklas=20Hamb=C3=BCchen?= Date: Sat, 1 Apr 2017 14:42:21 +0200 Subject: [PATCH] acme: Use `chown -R` for challenges directory. Fixes #24529. Commit 75f131da02c00027b9a8240fb74d117cb0f9d9cf added `chown 'nginx:nginx' '/var/lib/acme'` to the pre-start script, but since it doesn't use `chown -R`, it is possible that there are older existing subdirs (like `acme-challenge`) that are owned to `root` from before that commit went it. --- nixos/modules/security/acme.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 703d5ddbd0e2..ada198e0e586 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -178,7 +178,7 @@ in path = [ pkgs.simp_le ]; preStart = '' mkdir -p '${cfg.directory}' - chown '${data.user}:${data.group}' '${cfg.directory}' + chown -R '${data.user}:${data.group}' '${cfg.directory}' if [ ! -d '${cpath}' ]; then mkdir '${cpath}' fi