M gnu/services/base.scm => gnu/services/base.scm +15 -1
@@ 1557,7 1557,21 @@ the tty to run, among other things."
(string-append dir "/lib"))
(list #$@name-services))
":")))))
- (stop #~(make-kill-destructor))
+ (stop #~(let ((terminate (make-kill-destructor)))
+ (lambda (process)
+ (terminate process)
+
+ ;; PID 1 might have mapped nscd database files via
+ ;; '__nscd_get_mapping'. Call the relevant libc
+ ;; functions (those with a corresponding GETFD* request
+ ;; type) to cause PID 1 to notice that those mappings
+ ;; are stale and to unmap them. Failure to do so would
+ ;; prevent the root file system from being remounted
+ ;; read-only when shutting down.
+ (false-if-exception (getpw "root"))
+ (false-if-exception (getgr "root"))
+ (false-if-exception (getaddrinfo "localhost" "http"))
+ #f)))
(modules `((ice-9 popen) ;for the actions
(ice-9 rdelim)
(ice-9 match)
M gnu/tests/base.scm => gnu/tests/base.scm +16 -1
@@ 827,6 827,18 @@ in a loop. See <http://bugs.gnu.org/26931>.")
,witness-size))))))
marionette))
+ ;; Cause PID 1 to create a mapping to nscd's database files.
+ ;; Those mappings used to prevent 'root-file-system' to remount
+ ;; read-only on shutdown. See
+ ;; <https://codeberg.org/guix/guix/issues/4269>.
+ (test-equal "open libc NSS database"
+ "root"
+ (marionette-eval '(begin
+ (use-modules (gnu services herd))
+ (start-service 'nscd) ;wait for nscd
+ (eval-there '(passwd:name (getgr "root"))))
+ marionette))
+
;; Halt the system.
(marionette-eval '(system* "/run/current-system/profile/sbin/halt")
marionette)
@@ 891,7 903,10 @@ in a loop. See <http://bugs.gnu.org/26931>.")
"Make sure the root file system is cleanly unmounted when the system is
halted.")
(value
- (let ((os (marionette-operating-system %simple-os)))
+ (let ((os (marionette-operating-system
+ %simple-os
+ #:imported-modules '((gnu services herd)
+ (guix combinators)))))
(run-root-unmount-test os)))))
�