~ruther/guix-local

185f669109eb56b61c3d51dc8b2e3eeded9b2be9 — Ludovic Courtès 11 years ago 3d116a7 
services: Make sure the store's group is the build group.

* gnu/services/base.scm (guix-service)[activate]: New variable.  Add
  'chown' call for (%store-prefix).  Set the 'activate' field to
  ACTIVATE.
* guix/build/install.scm (directives): Add comment about STORE's group.
patch browse .tar.gz 
2 files changed, 19 insertions(+), 4 deletions(-)

M gnu/services/base.scm
M guix/build/install.scm

M gnu/services/base.scm => gnu/services/base.scm +15 -3
@@ 17,6 17,8 @@
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu services base)
  #:use-module ((guix store)
                #:select (%store-prefix))
  #:use-module (gnu services)
  #:use-module (gnu system shadow)                ; 'user-account', etc.
  #:use-module (gnu system linux)                 ; 'pam-service', etc.


@@ 348,7 350,6 @@ GUIX."
                  (port (open-file key "r0b")))
             (format #t "registering public key '~a'...~%" key)
             (close-port (current-input-port))
             ;; (close-fdes 0)
             (dup port 0)
             (execl (string-append #$guix "/bin/guix")
                    "guix" "archive" "--authorize")


@@ 367,6 368,18 @@ BUILD-ACCOUNTS user accounts available under BUILD-USER-GID.
When AUTHORIZE-HYDRA-KEY? is true, the hydra.gnu.org public key provided by
GUIX is authorized upon activation, meaning that substitutes from
hydra.gnu.org are used by default."
  (define activate
    #~(begin
        ;; Make sure the store has BUILDER-GROUP as its group.  This may fail
        ;; with EACCES when the store is a 9p mount, so catch exceptions.
        (false-if-exception
         (chown #$(%store-prefix) 0
                (group:gid (getgrnam #$builder-group))))

        ;; Optionally authorize hydra.gnu.org's key.
        #$(and authorize-hydra-key?
               (hydra-key-authorization guix))))

  (mlet %store-monad ((accounts (guix-build-accounts build-accounts
                                                     #:group builder-group)))
    (return (service


@@ 383,8 396,7 @@ hydra.gnu.org are used by default."
                                 (name builder-group)
                                 (members (map user-account-name
                                               user-accounts)))))
             (activate (and authorize-hydra-key?
                            (hydra-key-authorization guix)))))))
             (activate activate)))))

(define %base-services
  ;; Convenience variable holding the basic services.


M guix/build/install.scm => guix/build/install.scm +4 -1
@@ 73,7 73,10 @@ directory TARGET."
(define (directives store)
  "Return a list of directives to populate the root file system that will host
STORE."
  `((directory ,store 0 0)
  `(;; Note: The store's group is changed to the "guixbuild" group at
    ;; activation time.
    (directory ,store 0 0)

    (directory "/etc")
    (directory "/var/log")                          ; for dmd
    (directory "/var/guix/gcroots")