diff options
| author | Carl Dong <contact@carldong.me> | 2021-02-22 16:22:26 -0500 |
|---|---|---|
| committer | Carl Dong <contact@carldong.me> | 2021-02-23 12:24:17 -0500 |
| commit | d98f4593cf00ab2973f8113e30506861b24383bc (patch) | |
| tree | 51ec578345a129ed6464e00f1f1adc01c17754c1 | |
| parent | 1e7dd584a5f998a5b307285a7bc29ea4ad63ebc8 (diff) | |
guix: Explicitly set umask in build container
A difference in system umask value can cause non-determinism when zip
archives are produced. Set it to a reasonable default.
| -rw-r--r-- | contrib/guix/libexec/build.sh | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/contrib/guix/libexec/build.sh b/contrib/guix/libexec/build.sh index 72588c54a7..119fe04c75 100644 --- a/contrib/guix/libexec/build.sh +++ b/contrib/guix/libexec/build.sh @@ -3,6 +3,16 @@ export LC_ALL=C set -e -o pipefail export TZ=UTC +# Althought Guix _does_ set umask when building its own packages (in our case, +# this is all packages in manifest.scm), it does not set it for `guix +# environment`. It does make sense for at least `guix environment --container` +# to set umask, so if that change gets merged upstream and we bump the +# time-machine to a commit which includes the aforementioned change, we can +# remove this line. +# +# This line should be placed before any commands which creates files. +umask 0022 + if [ -n "$V" ]; then # Print both unexpanded (-v) and expanded (-x) forms of commands as they are # read from this file. |