[Nix-dev] [PATCH] Preserve supplementary groups of build users
Ludovic Courtès
ludo at gnu.org
Wed Jul 1 16:54:00 CEST 2015
Hi Eelco,
Eelco Dolstra <eelco.dolstra at logicblox.com> skribis:
> On 01/07/15 11:12, Ludovic Courtès wrote:
>
>>> Currently, the build environment made by the daemon does not preserve
>>> supplementary groups of the build users.
>>>
>>> Thus, even though the standalone Guix system sets /dev/kvm 660, owned by
>>> root:kvm, and adds the build users to the kvm group, build users are
>>> unable to access it.
>>
>> The following patch is an attempt to address this bug (see
>> <http://bugs.gnu.org/18994>) by preserving the supplementary groups of
>> build users in the build environment.
>>
>> In practice, I would expect that supplementary groups would contain only
>> one or two groups: the build users group, and possibly the “kvm” group.
>
> Applied, thanks!
Excellent, thank you!
Ludo’.
More information about the nix-dev
mailing list