guix-install.sh: Use a deterministic umask.

Users with strict umasks (e.g. 0077) would end up with an unreadable
/gnu (mode 0700) and no way to run guix.

Reported by A. <@aaap:matrix.org> on #guix.

* etc/guix-install.sh (main): Set umask before installing anything.

diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index bd3ab90..111e25f 100755 (executable)
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -439,6 +439,7 @@ main()
 
     _msg "${INF}system is ${ARCH_OS}"
 
+    umask 0022
     tmp_path="$(mktemp -t -d guix.XXX)"
 
     guix_get_bin_list "${GNU_URL}"