GNU bug report logs - #18994
Daemon does not preserve supplementary groups of build users

Previous Next

Package: guix;

Reported by: ludo <at> gnu.org (Ludovic Courtès)

Date: Sat, 8 Nov 2014 14:03:01 UTC

Severity: normal

Fixed in version 0.8.3

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

Full log

Message #11 received at 18994 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Eelco Dolstra <eelco.dolstra <at> logicblox.com>
Cc: 18994 <at> debbugs.gnu.org, nix-dev <at> lists.science.uu.nl
Subject: Re: [PATCH] Preserve supplementary groups of build users
Date: Wed, 01 Jul 2015 16:54:00 +0200

Hi Eelco,

Eelco Dolstra <eelco.dolstra <at> logicblox.com> skribis:

> On 01/07/15 11:12, Ludovic Courtès wrote:
>
>>> Currently, the build environment made by the daemon does not preserve
>>> supplementary groups of the build users.
>>>
>>> Thus, even though the standalone Guix system sets /dev/kvm 660, owned by
>>> root:kvm, and adds the build users to the kvm group, build users are
>>> unable to access it.
>> 
>> The following patch is an attempt to address this bug (see
>> <http://bugs.gnu.org/18994>) by preserving the supplementary groups of
>> build users in the build environment.
>> 
>> In practice, I would expect that supplementary groups would contain only
>> one or two groups: the build users group, and possibly the “kvm” group.
>
> Applied, thanks!

Excellent, thank you!

Ludo’.

This bug report was last modified 9 years and 331 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #18994 Daemon does not preserve supplementary groups of build users

GNU bug report logs - #18994
Daemon does not preserve supplementary groups of build users