Open Peledron opened 1 week ago
I have overwritten the nix-mineral option with systemd.tmpfiles.settings."restricthome" = lib.mkForce {};. This stopped the problem with my boot time (but no longer ensures the permissions of my $HOME folder).
https://man7.org/linux/man-pages/man5/tmpfiles.d.5.html
x
Ignore a path during cleaning. Use this type to exclude paths
from clean-up as controlled with the Age parameter. Lines of
this type accept shell-style globs in place of normal path
names.
What this means for us is that there are ways to exclude directories from being managed by tmpfiles. E.g., we can use:
systemd.tmpfiles.settings."restricthome"."/home/*/.snapshots/*".x = {};
This will need some testing, though, as we all know that sometimes things go the way we think they will.
The systemd.tmpfiles.settings."restricthome"."/home/*".Z.mode = "0700"; option makes the systemd-tmpfiles-setup.service extend the boot time.
Looking at the logs, it seems to be attempting to go into my .snapshots directory and trying to change each of the read-only files therein (I use a btrfs subvolume for my /home/$USER directory and have set up snapper to take automatic snapshots, it requires this .snapshots folder). The error goes like:
fchmod() of /home/$USER/.snapshots/$SNAPSHOT failed: Read-only file system
(repeating a few thousand times). Additionally, at the end of the log there is also: "Detected unsafe path transition /home/$USER (owned by $USER) → /home/$USER/.snapshots (owned by root) during canonicalization of home/$USER/.snapshots."
I have been trying in vain to find a way to exclude folders from systemd.tmpfiles (if anyone knows of a way pls tell me).
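
A different approach from excluding paths, shown as an added example that is not from the thread or from nix-mineral: the lowercase "z" type documented in the linked tmpfiles.d(5) page adjusts only the paths matched by the glob, without the recursion that "Z" performs. It assumes nix-mineral defines its rule under the "restricthome" key exactly as quoted above; the lib.mkForce override follows the one used in the thread.

```nix
{ lib, ... }:
{
  # Replace the "restricthome" rules wholesale, as the thread does with
  # lib.mkForce {}, but keep a rule for the home directories themselves.
  systemd.tmpfiles.settings."restricthome" = lib.mkForce {
    # Before (rule quoted in the thread): "Z" walks every file below each
    # home directory, including read-only snapper snapshots.
    #   "/home/*".Z.mode = "0700";

    # After: "z" sets the mode on each /home/<user> directory only and
    # never descends into .snapshots.
    "/home/*".z.mode = "0700";
  };
}
```

With this rule, files inside each home keep whatever modes they already have; mode 0700 on the home directory itself is what stops other unprivileged users from traversing into it.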