daemon: Use the guest GID in /etc/group.

Partly fixes <https://issues.guix.gnu.org/77862>.

Fixes a bug whereby, when running guix-daemon unprivileged, /etc/group
would contain the wrong GID for the “nixbld” group.  This inconsistency
would lead to failures in the Coreutils test suite, for instance.

* nix/libstore/build.cc (DerivationGoal::startBuilder): Use ‘guestGID’
when writing /etc/group.
* tests/store.scm ("/etc/passwd and /etc/group"): New test.

Reported-by: keinflue <keinflue@posteo.net>
Change-Id: I739bc96c4c935fd9015a45e2bfe5b3e3f90554a9

1 files changed, 22 insertions, 0 deletions

diff --git a/tests/store.scm b/tests/store.scm
index b467314bdc..112ea7e2fc 100644
--- a/tests/store.scm
+++ b/tests/store.scm
@@ -445,6 +445,28 @@
 
 (unless (unprivileged-user-namespace-supported?)
   (test-skip 1))
+(test-equal "/etc/passwd and /etc/group"
+  '((name "nixbld")
+    (uid 30001)
+    (gid 30000)
+    (group-name "nixbld"))
+  (let ((d (build-expression->derivation
+            %store "passwd-group-check"
+            `(call-with-output-file %output
+               (lambda (port)
+                 ',(gettimeofday)
+                 (let ((pw (getpwuid (getuid)))
+                       (gr (getgrgid (getgid))))
+                   (write `((name ,(passwd:name pw))
+                            (uid ,(passwd:uid pw))
+                            (gid ,(passwd:gid pw))
+                            (group-name ,(group:name gr)))
+                          port)))))))
+    (build-derivations %store (list d))
+    (call-with-input-file (derivation->output-path d) read)))
+
+(unless (unprivileged-user-namespace-supported?)
+  (test-skip 1))
 (test-equal "inputs are read-only"
   "All good!"
   (let* ((input (plain-file (string-append "might-be-tampered-with-"