On 03/05/2025 04:38, keinflue wrote:
> Hello,
>
> noticed this on Guix (https://issues.guix.gnu.org/77862#5) with
> coreutils 9.1 and also verified with latest release 9.7.
>
> When building and running the testsuite of coreutils on Linux in a user
> namespace as unprivileged user the latter may fail chgrp test cases:
>
>> FAIL: tests/chgrp/default-no-deref.sh
>> FAIL: tests/chgrp/no-x.sh
>> FAIL: tests/chgrp/posix-H.sh
>> FAIL: tests/chgrp/recurse.sh
>> FAIL: tests/chgrp/basic.sh
>
> The cause for this are supplementary groups of the build process which
> are not mapped in the user namespace via /proc/pid/gid_map.
>
> Inside the user namespace these groups are reported as the overflow gid
> (by default 65534). require_membership_in_two_groups_ in init.cfg has no
> exemption for this gid and the chgrp tests will attempt to change
> ownership to this gid, assuming this to be valid as usually is the case
> when changing ownership to a supplementary group. However, this is not
> allowed for the unmapped overflow gid and the syscall will fail.
>
> The same problem occurs in gnulib-tests, but I suppose I should report
> this to the bug-gnulib list.
>
> This was noticed during experimentation with Guix's new feature to run
> the build daemon as unprivileged user process, which relies on
> unprivileged user namespaces to construct the build container. As
> discussed in the linked issue it isn't really an option to drop the
> supplementary groups in this setting.
>
> I think the overflow gid should be exempt in
> require_membership_in_two_groups_ as was already implemented for special
> gids on MacOS.

Thanks for the details.
I pushed the attached to avoid this issue.

Marking this as done.

cheers,
Padraig.
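
One way to express the exemption discussed in this thread, as an added example that is not part of the thread and is not the patch that was pushed. The function names are hypothetical and the sample group list is constructed.

```shell
# Added example; function names are hypothetical, not from coreutils' init.cfg.

# Print the kernel's overflow gid, which is what gids that are not mapped in
# /proc/pid/gid_map appear as inside a user namespace.
# Falls back to the default 65534 when /proc is not readable.
overflow_gid() {
  if [ -r /proc/sys/kernel/overflowgid ]; then
    cat /proc/sys/kernel/overflowgid
  else
    echo 65534
  fi
}

# usable_groups OVERFLOW GID...
# Print the given gids, de-duplicated, with the overflow gid removed.
usable_groups() {
  _ovf=$1; shift
  _out=
  for _g in "$@"; do
    [ "$_g" = "$_ovf" ] && continue                  # unmapped: chgrp would fail
    case " $_out " in *" $_g "*) continue ;; esac    # already listed
    _out="${_out:+$_out }$_g"
  done
  printf '%s\n' "$_out"
}

# has_two_usable_groups OVERFLOW GID...
# Succeed only if at least two distinct, mapped gids remain.
has_two_usable_groups() {
  set -- $(usable_groups "$@")
  [ $# -ge 2 ]
}

# Constructed sample: a group list as seen inside a namespace where two
# supplementary groups are unmapped and both show up as 65534.
sample_groups="1000 65534 65534"
if has_two_usable_groups 65534 $sample_groups; then
  echo "two mapped groups available: chgrp tests can run"
else
  echo "skip: fewer than two mapped groups"
fi
```

On a live system the arguments would be `"$(overflow_gid)" $(id -G)`.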