~ruther/guix-local: environment: Do not attempt to map GID 0 when invoked as root.

7b9c30de1fba4ec190ca7fb6f2d85ddc802f7778 — Ludovic Courtès 2 months ago 0c60cfc

environment: Do not attempt to map GID 0 when invoked as root.

* guix/scripts/environment.scm (launch-environment/container): Set ‘gid’ to
1000 when ‘getgid’ returns zero.

Fixes: guix/guix#4234
Reported-by: Maxim Cournoyer <maxim@guixotic.coop>
Change-Id: I781f2939dfd3cda23373d2fa03e288995bce9eb9

patch browse .tar.gz

1 files changed, 7 insertions(+), 1 deletions(-)

M guix/scripts/environment.scm

M guix/scripts/environment.scm => guix/scripts/environment.scm +7 -1

@@ 828,7 828,13 @@ WHILE-LIST."
      (let* ((cwd      (getcwd))
             (home     (getenv "HOME"))
             (uid      (if user 1000 (getuid)))
-            (gid      (if user 1000 (getgid)))
+            (gid      (if user
+                          1000
+                          ;; When running as root, always map a non-zero GID
+                          ;; or writing to 'gid_map' would fail with EPERM.
+                          (match (getgid)
+                            (0 1000)
+                            (gid gid))))
 
             ;; On a foreign distro, the name service switch might be
             ;; dysfunctional and 'getpwuid' throws.  Don't let that hamper