NixOS-WSL
NixOS-WSL copied to clipboard
nix-community
/run/user/$UID has 0755 access permissions by default
Bug description
On regular NixOS and other distributions /run/user/$UID has 0700 access permissions but on NixOS-WSL it has 0755. This causes problems for some programs like 1password's CLI op which produces an error like: XDG_RUNTIME_DIR file permissions too open, refusing to use
This might be a WSL issue since Ubuntu on WSL also has it set to 0755. Also manually changing the permissions via chmod only lasts until reboot. Is there a way to automatically set the permissions in NixOS-WSL?
IIRC this is intended, see https://github.com/NixOS/nixpkgs/pull/270727/commits/03e79e9ecc0d1b851ef53b67f8925646961cab1a
This commit is from a PR that isn't merged yet and it discusses /run/dbus, not /run/user/$UID.
On my purely NixOS system I have these permissions:
❯ stat -c %a /run/user/1000
700
❯ stat -c %a /run/user
755
❯ stat -c %a /run/dbus
755
While on my NixOS-WSL system I have these:
❯ stat -c %a /run/user/1000
755
❯ stat -c %a /run/user
755
❯ stat -c %a /run/dbus
755
FWIW, this is also the case on the default Ubuntu WSL image, and is also causing issues for me with 1password
Initially I had a service to fix the permissions when 1Password starts up inside WSL:
systemd.user.services = {
_1password_gui_autostart = {
Unit = { Description = "1Password GUI Autostart"; };
Service = {
Environment = "DISPLAY=:0";
ExecStartPre = "${pkgs.coreutils-full}/bin/chmod 700 /run/user/1000";
ExecStart = "${pkgs._1password-gui}/bin/1password";
Restart = "always";
};
Install.WantedBy = [ "default.target" ];
};
};
But eventually, it made more sense to configure WSL to use the Windows version of 1Password so that I don't have to run 2 instances:
{ config, pkgs, lib, ... }: {
programs.git.extraConfig.gpg.ssh.program = "op-ssh-sign-wsl";
programs.git.extraConfig.core.sshCommand = "ssh.exe";
home.shellAliases = {
ssh = "ssh.exe ";
op = "op.exe";
};
}