environment: Create /etc/group in containers.

Reported by Pierre Neidhardt <mail@ambrevar.xyz>.

* guix/scripts/environment.scm (launch-environment/container): Create
GROUPS and call 'write-group'.
* tests/guix-environment-container.sh: Test it.
Ludovic Courtès 2019-03-26 18:07:58 +01:00
parent 8a9922bdee
commit 952afb6f8c
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
2 changed files with 11 additions and 1 deletions


@ -469,6 +469,9 @@ (define* (launch-environment/container #:key command bash user user-mappings
(directory (if user (directory (if user
(string-append "/home/" user) (string-append "/home/" user)
(passwd:dir pwd)))))) (passwd:dir pwd))))))
(groups (list (group-entry (name "users") (gid 0))
(group-entry (gid 65534) ;the overflow GID
(name "overflow"))))
(home-dir (password-entry-directory passwd)) (home-dir (password-entry-directory passwd))
;; Bind-mount all requisite store items, user-specified mappings, ;; Bind-mount all requisite store items, user-specified mappings,
;; /bin/sh, the current working directory, and possibly networking ;; /bin/sh, the current working directory, and possibly networking
@ -528,6 +531,7 @@ (define* (launch-environment/container #:key command bash user user-mappings
;; sharing the host's network namespace. ;; sharing the host's network namespace.
(mkdir-p "/etc") (mkdir-p "/etc")
(write-passwd (list passwd)) (write-passwd (list passwd))
(write-group groups)
;; For convenience, start in the user's current working ;; For convenience, start in the user's current working
;; directory rather than the root directory. ;; directory rather than the root directory.
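Review bot: The new `groups` binding in launch-environment/container hard-codes both GIDs without saying where they come from: GID 0 is named "users" and 65534 is assumed to be the overflow GID. The kernel's overflow GID is configurable (`/proc/sys/kernel/overflowgid`), so on a host that changes it, unmapped supplementary groups would presumably still lack an /etc/group entry, and the new `getgroups` check in tests/guix-environment-container.sh would fail there. I would add a comment along the lines of `;; GID 0: presumably what the invoking user's primary group maps to in the user namespace; 65534: the kernel's default overflow GID for unmapped groups`. It is also worth confirming that the `(gid 0)` entry matches the GID in the `passwd` entry, which is built outside the visible hunks. The function body starts before the first hunk and continues past the second.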


@ -46,9 +46,15 @@ fi
if test "x$USER" = "x"; then USER="`id -un`"; fi if test "x$USER" = "x"; then USER="`id -un`"; fi
# Check whether /etc/passwd is valid. # Check whether /etc/passwd and /etc/group are valid.
guix environment -C --ad-hoc --bootstrap guile-bootstrap \ guix environment -C --ad-hoc --bootstrap guile-bootstrap \
-- guile -c "(exit (string=? \"$USER\" (passwd:name (getpwuid (getuid)))))" -- guile -c "(exit (string=? \"$USER\" (passwd:name (getpwuid (getuid)))))"
guix environment -C --ad-hoc --bootstrap guile-bootstrap \
-- guile -c '(exit (string? (group:name (getgrgid (getgid)))))'
guix environment -C --ad-hoc --bootstrap guile-bootstrap \
-- guile -c '(use-modules (srfi srfi-1))
(exit (every group:name
(map getgrgid (vector->list (getgroups)))))'
# Make sure file-not-found errors in mounts are reported. # Make sure file-not-found errors in mounts are reported.
if guix environment --container --ad-hoc --bootstrap guile-bootstrap \ if guix environment --container --ad-hoc --bootstrap guile-bootstrap \