-rw-r--r-- | nix/libstore/build.cc | 2 | ||||
-rw-r--r-- | tests/store.scm | 22 |
2 files changed, 23 insertions, 1 deletions
diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc
index 4ee4a1ae5f..a1f39d9a8b 100644
--- a/nix/libstore/build.cc
+++ b/nix/libstore/build.cc
@@ -1854,7 +1854,7 @@ void DerivationGoal::startBuilder()
 view of the system (e.g., "id -gn"). */
 writeFile(chrootRootDir + "/etc/group",
 (format("nixbld:!:%1%:\n")
- % (buildUser.enabled() ? buildUser.getGID() : getgid())).str());
+ % (buildUser.enabled() ? buildUser.getGID() : guestGID)).str());
 /* Create /etc/hosts with localhost entry. */
 if (!fixedOutput)
diff --git a/tests/store.scm b/tests/store.scm
index b467314bdc..112ea7e2fc 100644
--- a/tests/store.scm
+++ b/tests/store.scm
@@ -445,6 +445,28 @@
 (unless (unprivileged-user-namespace-supported?)
 (test-skip 1))
+(test-equal "/etc/passwd and /etc/group"
+ '((name "nixbld")
+ (uid 30001)
+ (gid 30000)
+ (group-name "nixbld"))
+ (let ((d (build-expression->derivation
+ %store "passwd-group-check"
+ `(call-with-output-file %output
+ (lambda (port)
+ ',(gettimeofday)
+ (let ((pw (getpwuid (getuid)))
+ (gr (getgrgid (getgid))))
+ (write `((name ,(passwd:name pw))
+ (uid ,(passwd:uid pw))
+ (gid ,(passwd:gid pw))
+ (group-name ,(group:name gr)))
+ port)))))))
+ (build-derivations %store (list d))
+ (call-with-input-file (derivation->output-path d) read)))
+
+(unless (unprivileged-user-namespace-supported?)
+ (test-skip 1))
 (test-equal "inputs are read-only"
 "All good!"
 (let* ((input (plain-file (string-append "might-be-tampered-with-" |
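Review bot: Nothing at the `writeFile` call explains why the fallback branch of the ternary must be `guestGID` rather than the daemon's own `getgid()`, so a later cleanup could silently revert it. A short comment above the call would pin the intent, for example `/* Without a build user the builder sees guestGID, not the daemon's host GID, so /etc/group must list that one. */`. This assumes `guestGID` is the ID the builder observes inside its namespace; its definition and the matching /etc/passwd write are outside the hunk, so it is worth confirming that both files are generated from the same guest UID/GID pair. The body of `startBuilder` starts and ends outside the hunk.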
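Review bot: The expected `(uid 30001)` and `(gid 30000)` in the new test are bare literals that presumably mirror the guest IDs chosen in nix/libstore/build.cc, and nothing ties the two together. A comment above the expected value such as `;; Guest UID/GID the daemon presents to builders; keep in sync with nix/libstore/build.cc.` would tell the next reader where to look when the test fails. The `',(gettimeofday)` form inside the builder also deserves a one-line comment, since it appears to be there only to make the derivation unique so that it is actually rebuilt rather than substituted from an earlier run.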