syscalls: Add ‘get-user-ns’.

* guix/build/syscalls.scm (NS_GET_USERNS): New variable.
(get-user-ns): New procedure.

Change-Id: I0cfba6a7cdf2ab64ef658b0f821ba4e7c6c89eab

1 files changed, 14 insertions, 0 deletions

diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm
index cf09cae3a4..9c64b40d77 100644
--- a/guix/build/syscalls.scm
+++ b/guix/build/syscalls.scm
@@ -147,6 +147,7 @@
             clone
             unshare
             setns
+            get-user-ns
 
             kexec-load-file
             KEXEC_FILE_UNLOAD
@@ -1247,6 +1248,19 @@ there is no such limitation."
                   (list fdes nstype (strerror err))
                   (list err))))))))
 
+(define NS_GET_USERNS #xb701)
+
+(define (get-user-ns fdes)
+  "Return an open file descriptor to the user namespace that owns the
+namespace pointed to by FDES, a file descriptor obtained by opening
+/proc/PID/ns/*."
+  (let-values (((ret err) (%ioctl fdes NS_GET_USERNS %null-pointer)))
+    (when (< ret 0)
+      (throw 'system-error "get-user-ns" "~d: ~A"
+             (list fdes (strerror err))
+             (list err)))
+    ret))
+
 (define pivot-root
   (let ((proc (syscall->procedure int "pivot_root" (list '* '*))))
     (lambda (new-root put-old)