Hi, On 26/07/12 01:35, Marc Weber wrote:
> Right now you should not put passwords into the store, because its world > readable by default. The common workaround is to store files at /root > and put the path into the /store instead, right? > > What about creating a new primop which allows to write arbitrary files? Here is another possible solution: https://github.com/NixOS/nix/issues/8 > Then you could do this: > > services.foo = { > passwordFile = builtins.__writeArbitraryFile "/root/password-for-xy" > 'top-secret-password'; # should return the path > } This is impure. And that really matters. For instance, if (say) Charon copies the resulting closure to another machine, /root/password-for-xy will be missing. -- Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/ _______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev