search

serpent-os / tools

The home of moss (system state manager) and boulder (moss format build tool)
https://serpentos.com
137 stars 12 forks source link

boulder: Do not use `/.moss` store #271

Closed ikeycode closed 4 months ago

ikeycode commented 4 months ago

When invoking boulder build as root it uses /.moss for the store, rather than a private moss store. This seems bad.

ermo commented 4 months ago

I think it's supposed to use /var/cache/boulder/.moss, but I don't think we ever got the requisite defaults locked down.

In the onboarding stuff, we set --moss-root=${HOME}/.cache/boulder/ FWIW.

ikeycode commented 4 months ago

OK. So for recipes should we set a custom moss root in the justfile?

tarkah commented 4 months ago

Let's just have a shared moss root in the boulder cache directory?

ikeycode commented 4 months ago

Or even that yeah. Then if you do use as a shared system user or root it's still a disk share.

Main thing we want is to be able to safely nuke it without borking the host.

Making it default behaviour would mean not being locked to the justfile workflow too!