diff options
author | Ludovic Courtès <ludo@gnu.org> | 2014-06-06 00:09:12 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2014-06-06 00:28:21 +0200 |
commit | e97c5be914864674d024dd088eb1f2788ac49f46 (patch) | |
tree | b18a5aeaae41dac7211e1d30cb384197f9dabb63 | |
parent | c6b76405ffedae1649f3ed68717c70c7f2443347 (diff) | |
download | gnu-guix-e97c5be914864674d024dd088eb1f2788ac49f46.tar gnu-guix-e97c5be914864674d024dd088eb1f2788ac49f46.tar.gz |
services: Use a fixed GID for the build group and use that for the store.
This partly reverts commit 185f669 ("services: Make sure the store's
group is the build group.")
* gnu/services/base.scm (guix-service)[activate]: Remove 'chown' call.
Add 'id' field to 'user-group' form.
* guix/build/install.scm (directives): Set the store's GID to 30000.
-rw-r--r-- | gnu/services/base.scm | 21 | ||||
-rw-r--r-- | guix/build/install.scm | 6 |
2 files changed, 14 insertions, 13 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 94fa919c0f..65a8ceefc4 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -369,16 +369,13 @@ When AUTHORIZE-HYDRA-KEY? is true, the hydra.gnu.org public key provided by GUIX is authorized upon activation, meaning that substitutes from hydra.gnu.org are used by default." (define activate - #~(begin - ;; Make sure the store has BUILDER-GROUP as its group. This may fail - ;; with EACCES when the store is a 9p mount, so catch exceptions. - (false-if-exception - (chown #$(%store-prefix) 0 - (group:gid (getgrnam #$builder-group)))) + ;; Assume that the store has BUILDER-GROUP as its group. We could + ;; otherwise call 'chown' here, but the problem is that on a COW unionfs, + ;; chown leads to an entire copy of the tree, which is a bad idea. - ;; Optionally authorize hydra.gnu.org's key. - #$(and authorize-hydra-key? - (hydra-key-authorization guix)))) + ;; Optionally authorize hydra.gnu.org's key. + (and authorize-hydra-key? + (hydra-key-authorization guix))) (mlet %store-monad ((accounts (guix-build-accounts build-accounts #:group builder-group))) @@ -395,7 +392,11 @@ hydra.gnu.org are used by default." (user-groups (list (user-group (name builder-group) (members (map user-account-name - user-accounts))))) + user-accounts)) + + ;; Use a fixed GID so that we can create the + ;; store with the right owner. + (id 30000)))) (activate activate))))) (define %base-services diff --git a/guix/build/install.scm b/guix/build/install.scm index ea787b63e2..2a76394faa 100644 --- a/guix/build/install.scm +++ b/guix/build/install.scm @@ -73,9 +73,9 @@ directory TARGET." (define (directives store) "Return a list of directives to populate the root file system that will host STORE." - `(;; Note: The store's group is changed to the "guixbuild" group at - ;; activation time. - (directory ,store 0 0) + `(;; Note: the store's GID is fixed precisely so we can set it here rather + ;; than at activation time. + (directory ,store 0 30000) (directory "/etc") (directory "/var/log") ; for dmd |