diff options
author | Ludovic Courtès <ludo@gnu.org> | 2013-09-26 23:28:17 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2013-09-27 00:46:17 +0200 |
commit | d0c66871b12c491eca6a80c09b836f893c1d4234 (patch) | |
tree | c623176fe1bbfe6bdecd5f606858385d12424c75 /gnu/system/shadow.scm | |
parent | 3abf9b440b97c35d078c60490723684ca757f480 (diff) | |
download | guix-d0c66871b12c491eca6a80c09b836f893c1d4234.tar guix-d0c66871b12c491eca6a80c09b836f893c1d4234.tar.gz |
gnu: vm: Add build users.
* gnu/system/shadow.scm (guix-build-accounts): New procedure.
* gnu/system/vm.scm (system-qemu-image): Use it. Add the "guixbuild"
group.
* gnu/system/dmd.scm (guix-service): Add 'builder-group' parameter.
Pass 'guix-daemon' the '--build-users-group' option.
Diffstat (limited to 'gnu/system/shadow.scm')
-rw-r--r-- | gnu/system/shadow.scm | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm index b2a2121b08..4f59b2b325 100644 --- a/gnu/system/shadow.scm +++ b/gnu/system/shadow.scm @@ -18,8 +18,14 @@ (define-module (gnu system shadow) #:use-module (guix store) - #:use-module (ice-9 match) #:use-module (guix records) + #:use-module (guix packages) + #:use-module ((gnu packages system) + #:select (shadow)) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:use-module (ice-9 match) + #:use-module (ice-9 format) #:export (user-account user-account? user-account-name @@ -38,7 +44,8 @@ user-group-members passwd-file - group-file)) + group-file + guix-build-accounts)) ;;; Commentary: ;;; @@ -110,4 +117,25 @@ file." (add-text-to-store store (if shadow? "shadow" "passwd") contents '())) +(define* (guix-build-accounts store count #:key + (first-uid 30001) + (gid 30000) + (shadow shadow)) + "Return a list of COUNT user accounts for Guix build users, with UIDs +starting at FIRST-UID, and under GID." + (let* ((gid* gid) + (no-login (string-append (package-output store shadow) "/sbin/nologin"))) + (unfold (cut > <> count) + (lambda (n) + (user-account + (name (format #f "guixbuilder~2,'0d" n)) + (password "!") + (uid (+ first-uid n -1)) + (gid gid*) + (comment (format #f "Guix Build User ~2d" n)) + (home-directory "/var/empty") + (shell no-login))) + 1+ + 1))) + ;;; shadow.scm ends here |