From 8e7b618a6177e423c1082ac7dc4f3d5047f45f58 Mon Sep 17 00:00:00 2001
From: Timo Wilken
Date: Sun, 19 Feb 2023 17:21:04 +0100
Subject: Use mcron's #:user instead of manual setuid

---
 tw/services/media.scm | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

(limited to 'tw/services')

diff --git a/tw/services/media.scm b/tw/services/media.scm
index 9533455e..34d25cf2 100644
--- a/tw/services/media.scm
+++ b/tw/services/media.scm
@@ -39,8 +39,7 @@ The service expects a @code{.yt-dlp} config directory inside this one.")
   (schedule (string-or-gexp (random-time-every-second-night 'even?)) "The mcron
 schedule on which to run the download script.  By default, picks a random time
 between 01:00 and 06:00 every second night.")
-  (user (string "root") "The Unix user name to run the script as.")
-  (group (string "root") "The Unix group name to run the script as."))
+  (user (string "root") "The Unix user name to run the script as."))
 
 (define (yt-dlp-cronjob config)
   (list
@@ -55,14 +54,12 @@ between 01:00 and 06:00 every second night.")
                "yt-dlp-command"
                #~(begin
                    (chdir #$(yt-dlp-configuration-media-directory config))
-                   ;; `setgid' first while we're still root
-                   (setgid (group:gid (getgr #$(yt-dlp-configuration-group config))))
-                   (setuid (passwd:uid (getpw #$(yt-dlp-configuration-user config))))
                    ;; Auto-update if we're using yt-dlp from the media directory.
                    #$@(if yt-dlp-package '()
                           (list #~(system* #$yt-dlp-executable "--ignore-config" "--update")))
                    (execl #$yt-dlp-executable
-                          "yt-dlp" "--ignore-config" "--config-location" ".yt-dlp")))))))
+                          "yt-dlp" "--ignore-config" "--config-location" ".yt-dlp")))
+            #:user #$(yt-dlp-configuration-user config)))))
 
 (define yt-dlp-service-type
   (service-type
-- 
cgit v1.2.3