services: Use a fixed GID for the build group and use that for the store.

This partly reverts commit 185f669 ("services: Make sure the store's group is the build group.") * gnu/services/base.scm (guix-service)[activate]: Remove 'chown' call. Add 'id' field to 'user-group' form. * guix/build/install.scm (directives): Set the store's GID to 30000.
2014-06-06 00:09:12 +02:00 · 2014-06-06 00:09:12 +02:00 · e97c5be914
parent c6b76405ff
commit e97c5be914
2 changed files with 14 additions and 13 deletions
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@ -369,16 +369,13 @@ When AUTHORIZE-HYDRA-KEY? is true, the hydra.gnu.org public key provided by
 GUIX is authorized upon activation, meaning that substitutes from
 hydra.gnu.org are used by default."
  (define activate
-    #~(begin
-        ;; Make sure the store has BUILDER-GROUP as its group.  This may fail
-        ;; with EACCES when the store is a 9p mount, so catch exceptions.
-        (false-if-exception
-         (chown #$(%store-prefix) 0
-                (group:gid (getgrnam #$builder-group))))
+    ;; Assume that the store has BUILDER-GROUP as its group.  We could
+    ;; otherwise call 'chown' here, but the problem is that on a COW unionfs,
+    ;; chown leads to an entire copy of the tree, which is a bad idea.

-        ;; Optionally authorize hydra.gnu.org's key.
-        #$(and authorize-hydra-key?
-               (hydra-key-authorization guix))))
+    ;; Optionally authorize hydra.gnu.org's key.
+    (and authorize-hydra-key?
+         (hydra-key-authorization guix)))

  (mlet %store-monad ((accounts (guix-build-accounts build-accounts
                                                     #:group builder-group)))
@ -395,7 +392,11 @@ hydra.gnu.org are used by default."
             (user-groups (list (user-group
                                 (name builder-group)
                                 (members (map user-account-name
-                                               user-accounts)))))
+                                               user-accounts))
+
+                                 ;; Use a fixed GID so that we can create the
+                                 ;; store with the right owner.
+                                 (id 30000))))
             (activate activate)))))

 (define %base-services
--- a/guix/build/install.scm
+++ b/guix/build/install.scm
@ -73,9 +73,9 @@ directory TARGET."
 (define (directives store)
  "Return a list of directives to populate the root file system that will host
 STORE."
-  `(;; Note: The store's group is changed to the "guixbuild" group at
-    ;; activation time.
-    (directory ,store 0 0)
+  `(;; Note: the store's GID is fixed precisely so we can set it here rather
+    ;; than at activation time.
+    (directory ,store 0 30000)

    (directory "/etc")
    (directory "/var/log")                          ; for dmd