Wojtek's customized Guix https://git.koszko.org/guix/atom?h=koszko 2025-05-12T08:40:02Z 2025-05-12T08:40:02Z Congcong Kuo congcong.kuo@gmail.com 2025-05-11T08:31:22Z urn:sha1:5f3518ca83ad22cd77f24a05110c52907a46565d ‘std::random_shuffle’ was removed in C++14. * nix/libstore/gc.cc (LocalStore::collectGarbage): Use ‘std::random’ and ‘std::shuffle’. Change-Id: If91ed3ec3596a419ae7c87d7ce677e0970853e9f Signed-off-by: Ludovic Courtès <ludo@gnu.org> 2025-04-25T18:25:54Z Ludovic Courtès ludo@gnu.org 2025-04-25T18:17:17Z urn:sha1:0d3bc50b0cffeae05beb12d0c270c6599186c0d7 Partly fixes <https://issues.guix.gnu.org/77862>. Fixes a bug whereby, when running guix-daemon unprivileged, /etc/group would contain the wrong GID for the “nixbld” group. This inconsistency would lead to failures in the Coreutils test suite, for instance. * nix/libstore/build.cc (DerivationGoal::startBuilder): Use ‘guestGID’ when writing /etc/group. * tests/store.scm ("/etc/passwd and /etc/group"): New test. Reported-by: keinflue <keinflue@posteo.net> Change-Id: I739bc96c4c935fd9015a45e2bfe5b3e3f90554a9 2025-04-11T10:18:01Z Ludovic Courtès ludo@gnu.org 2025-04-08T13:18:04Z urn:sha1:ff5181e27e79c88a82dd429b382e0764af489957 Fixes <https://issues.guix.gnu.org/77570>. Commit 40f69b586a440d0397fa3dfe03b95a0f44e4d242 made chroot root directory read-only; as a consequence, build processes attempting to write to the root directory would now get EROFS instead of EACCES. It turns out that a number of test suites (Go, Ruby, SCons, Shepherd) would fail because of this observable difference. To restore previous behavior in build environments while still preventing build processes from exposing their root directory to outside processes, this patch (1) keeps the root writable but #o555 by default, thereby restoring the EACCES behavior, and (2) ensures that the parent of the chroot root directory is itself user-accessible only. * nix/libstore/build.cc (class DerivationGoal)[chrootRootTop]: New field. (DerivationGoal::startBuilder): Initialize ‘chrootRootTop’ and make it ‘AutoDelete’. Replace ‘mount’ call that made the root directory read-only by a mere ‘chmod_’ call. * tests/store.scm ("build root cannot be made world-readable"): Remove. ("writing to build root leads to EACCES"): New test. Reported-by: Ada Stevenson <adanskana@gmail.com> Reported-by: keinflue <keinflue@posteo.net> Suggested-by: Reepca Russelstein <reepca@russelstein.xyz> Change-Id: I5912e8b3b293f8242a010cfc79255fc981314445 2025-03-26T16:57:44Z Ludovic Courtès ludo@gnu.org 2025-02-14T16:29:56Z urn:sha1:bdd7b9a45d650ed45a1569cbc4ed971b52728104 * nix/libstore/build.cc (DerivationGoal::startBuilder): Shuffle comments for clarity. Change-Id: I6557c103ade4a3ab046354548ea193c68f8c9c05 2025-03-26T16:57:44Z Ludovic Courtès ludo@gnu.org 2025-01-23T21:43:54Z urn:sha1:0163c732a17f6358a6b0d8004b27d27650a7d5be * config-daemon.ac: Check for <sys/prctl.h>. * nix/libstore/build.cc (DerivationGoal::runChild): When ‘useChroot’ is true, call ‘prctl’ to drop all ambient capabilities. Change-Id: If34637fc508e5fb6d278167f5df7802fc595284f 2025-03-26T16:57:44Z Ludovic Courtès ludo@gnu.org 2025-01-23T11:13:01Z urn:sha1:a3d6f5ae70298b9b2ff357435ff5925cc6563b1a * nix/libstore/local-store.cc (LocalStore::LocalStore): Create ‘perUserDir’ unconditionally. Change-Id: I5188320f9630a81d16f79212d0fffabd55d94abe 2025-03-26T16:57:43Z Ludovic Courtès ludovic.courtes@inria.fr 2025-01-22T22:40:24Z urn:sha1:ae18b3d9e6bd0c184505a094851448d08555e23e Many thanks to Reepca Russelstein for their review and guidance on these changes. * nix/libstore/build.cc (guestUID, guestGID): New variables. (DerivationGoal)[readiness]: New field. (initializeUserNamespace): New function. (DerivationGoal::runChild): When ‘readiness.readSide’ is positive, read from it. (DerivationGoal::startBuilder): Call ‘chown’ only when ‘buildUser.enabled()’ is true. Pass CLONE_NEWUSER to ‘clone’ when ‘buildUser.enabled()’ is false or not running as root. Retry ‘clone’ without CLONE_NEWUSER upon EPERM. (DerivationGoal::registerOutputs): Make ‘actualPath’ writable before ‘rename’. (DerivationGoal::deleteTmpDir): Catch ‘SysError’ around ‘_chown’ call. * nix/libstore/local-store.cc (LocalStore::createUser): Do nothing if ‘dirs’ already exists. Warn instead of failing when failing to chown ‘dir’. * guix/substitutes.scm (%narinfo-cache-directory): Check for ‘_NIX_OPTIONS’ rather than getuid() == 0 to determine the cache location. * doc/guix.texi (Build Environment Setup): Reorganize a bit. Add section headings “Daemon Running as Root” and “The Isolated Build Environment”. Add “Daemon Running Without Privileges” subsection. Remove paragraph about ‘--disable-chroot’. (Invoking guix-daemon): Warn against ‘--disable-chroot’ and explain why. * tests/derivations.scm ("builder is outside the store"): New test. Reviewed-by: Reepca Russelstein <reepca@russelstein.xyz> 2025-03-26T16:57:43Z Ludovic Courtès ludo@gnu.org 2025-02-14T16:28:41Z urn:sha1:40f69b586a440d0397fa3dfe03b95a0f44e4d242 * nix/libstore/build.cc (DerivationGoal::runChild): Bind-mount the store and /tmp under ‘chrootRootDir’ to themselves as read-write. Remount / as read-only. Change-Id: I79565094c8ec8448401897c720aad75304fd1948 2025-03-26T16:57:43Z Ludovic Courtès ludo@gnu.org 2025-01-27T22:19:48Z urn:sha1:93474f92886fac8a2e5eb0eb3b388654246d640d * nix/libstore/build.cc (DerivationGoal::runChild): Remount ‘target’ as read-only. Reported-by: Reepca Russelstein <reepca@russelstein.xyz> Change-Id: Ib7201bcf4363be566f205d23d17fe2f55d3ad666 2025-03-26T16:57:43Z Ludovic Courtès ludo@gnu.org 2025-02-10T14:22:11Z urn:sha1:550ca89744453ffc53e998979231046fb3e81a6a * nix/libstore/build.cc (DerivationGoal::startBuilder): Add all of ‘inputPaths’ to ‘dirsInChroot’ instead of hard-linking regular files. Special-case symlinks. (DerivationGoal)[regularInputPaths]: Remove. Reported-by: Reepca Russelstein <reepca@russelstein.xyz> Change-Id: I070987f92d73f187f7826a975bee9ee309d67f56