On Mon, Jun 29, 2020 at 10:01:54PM +0200, Marius Bakke wrote: > guix-install.sh should add the build users to the 'kvm' group if present > so that commands that require use of KVM can succeed.
Here is a patch (untested) that makes sure a 'kvm' group exists and adds it to the guixbuilders' groups.
From 929102f7b52d00f731a9f61fb2fe32bad441f1dd Mon Sep 17 00:00:00 2001
From: Leo Famulari <l...@famulari.name>
Date: Thu, 8 Apr 2021 18:34:43 -0400
Subject: [PATCH] guix-install.sh: Add the build users to the 'kvm' group.
* etc/guix-install.sh (sys_create_build_user): Ensure that a 'kvm' group exists,
and add it to the guixbuilders' lists of supplementary groups.
---
etc/guix-install.sh | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index c84e7b7577..15fa44f1e2 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -330,15 +330,22 @@ sys_create_build_user()
_msg "${PAS}group <guixbuild> created"
fi
+ if [ $(getent group kvm) ]; then
+ _msg "${INF}group kvm exists"
+ else
+ groupadd --system kvm
+ _msg "${PAS}group <kvm> created"
+ fi
+
for i in $(seq -w 1 10); do
if id "guixbuilder${i}" &>/dev/null; then
_msg "${INF}user is already in the system, reset"
- usermod -g guixbuild -G guixbuild \
+ usermod -g guixbuild -G guixbuild,kvm \
-d /var/empty -s "$(which nologin)" \
-c "Guix build user $i" \
"guixbuilder${i}";
else
- useradd -g guixbuild -G guixbuild \
+ useradd -g guixbuild -G guixbuild,kvm \
-d /var/empty -s "$(which nologin)" \
-c "Guix build user $i" --system \
"guixbuilder${i}";
--
2.31.1
signature.asc
Description: PGP signature
