Fedora CoreOS ignition 'nested directories' and permissions issue

I’ve created a systemd unit as a user in my ignition file successfully… but the ~/.config folder created as

  directories:
    - path: /home/core/.config/systemd/user/default.target.wants
      mode: 0744
      user:
        name: core
      group:
        name: core

is owned by the root user instead of the core user… which makes things difficult, such as creating a toolbox container, as the core user doesn’t have permissions…

$ toolbox create
Error: failed to create configuration directory
$ ls -la
total 16
drwx------. 6 core core 138 Feb 17 16:33 .
drwxr-xr-x. 3 root root  18 Feb 17 16:30 ..
-rw-r--r--. 1 core core  18 Feb 15 05:03 .bash_logout
-rw-r--r--. 1 core core 141 Feb 15 05:03 .bash_profile
-rw-r--r--. 1 core core 492 Feb 15 05:03 .bashrc
drwxr-xr-x. 3 root root  21 Feb 17 16:30 .config

Shall I create all the folders individually instead?

  directories:
    - path: /home/core/.config/
      mode: 0744
      user:
        name: core
      group:
        name: core
    - path: /home/core/.config/systemd/
      mode: 0744
      user:
        name: core
      group:
        name: core
    - path: /home/core/.config/systemd/user/
      mode: 0744
      user:
        name: core
      group:
        name: core
    - path: /home/core/.config/systemd/user/default.target.wants
      mode: 0744
      user:
        name: core
      group:
        name: core

It seems a little bit dirty :sweat_smile:

Thanks.


Shall I create all the folders individually instead?

Yes, I believe so.

I opened up a GitHub Issue

as I experienced the same thing when I followed the instructions in

https://docs.fedoraproject.org/en-US/fedora-coreos/tutorial-user-systemd-unit-on-boot/

I wonder if some warning could be added to butane so that
running butane --strict would fail whenever there are missing
directories in the butane file?

$ butane --help | grep strict
  -s, --strict             fail on any warning

Another idea:
Maybe there could also be an install mode for ignition that would never create
missing directories?


Thanks for opening the issue!
Maybe something like nested can be enabled at path level, so all the folders created inherit those permissions:

    - path: /home/core/.config/systemd/user/default.target.wants
      mode: 0744
      nested: true
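
The missing-directory check and the per-parent entries discussed in this thread, sketched as an added example that is not part of the thread and is not Butane or Ignition code. `undeclared_parents` and `with_explicit_parents` are hypothetical helper names, the config is a constructed dict in the shape a YAML loader would return, and the home directory is assumed to be /home/core.

```python
from pathlib import PurePosixPath

# Constructed sample: the storage section from the first post, in the form a
# YAML loader would return it (Butane's 0744 is octal, hence 0o744 here).
CONFIG = {"storage": {"directories": [{
    "path": "/home/core/.config/systemd/user/default.target.wants",
    "mode": 0o744, "user": {"name": "core"}, "group": {"name": "core"},
}]}}


def undeclared_parents(config, home="/home/core"):
    """List ancestors below `home` that no `directories` entry declares.

    These are the directories that get created implicitly and end up
    root-owned, like .config in the first post's listing.
    """
    storage = config.get("storage", {})
    dirs = storage.get("directories", [])
    declared = {PurePosixPath(d["path"]) for d in dirs}
    home = PurePosixPath(home)
    missing = set()
    for entry in dirs + storage.get("files", []) + storage.get("links", []):
        for parent in PurePosixPath(entry["path"]).parents:
            # Only flag paths strictly inside the home directory.
            if home in parent.parents and parent not in declared:
                missing.add(parent)
    return sorted(missing)  # shallowest first


def with_explicit_parents(config, owner, mode, home="/home/core"):
    """Return the `directories` list with each missing parent declared."""
    added = [
        {"path": str(p), "mode": mode,
         "user": {"name": owner}, "group": {"name": owner}}
        for p in undeclared_parents(config, home)
    ]
    return added + config.get("storage", {}).get("directories", [])


if __name__ == "__main__":
    for p in undeclared_parents(CONFIG):
        print(f"warning: {p} is not declared; it will not be owned by core")
    for d in with_explicit_parents(CONFIG, "core", 0o744):
        print(f"{d['path']}  {oct(d['mode'])}  {d['user']['name']}")
```

Entries under `files` and `links` are checked too, so a user unit file placed under ~/.config/systemd/user is flagged when its parent directories are not declared.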