On Thu, Apr 08, 2021 at 06:38:59PM -0400, Leo Famulari wrote: > On Mon, Jun 29, 2020 at 10:01:54PM +0200, Marius Bakke wrote: > > guix-install.sh should add the build users to the 'kvm' group if present > > so that commands that require use of KVM can succeed. > > Here is a patch (untested) that makes sure a 'kvm' group exists and adds > it to the guixbuilders' groups.
I realized that you specified that the build users should be added to the kvm group 'if' it is present. So, here is a revised patch.
From 1a9fd7decd843f21c36d8ec4d1e218f478b983cf Mon Sep 17 00:00:00 2001
From: Leo Famulari <l...@famulari.name>
Date: Thu, 8 Apr 2021 18:34:43 -0400
Subject: [PATCH v2] guix-install.sh: Add the build users to the 'kvm' group.
* etc/guix-install.sh (sys_create_build_user): If a 'kvm' group exists,
add it to the guixbuilders' lists of supplementary groups.
---
etc/guix-install.sh | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index c84e7b7577..f3fcbf5d05 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -330,15 +330,20 @@ sys_create_build_user()
_msg "${PAS}group <guixbuild> created"
fi
+ if [ $(getent group kvm) ]; then
+ _msg "${INF}group kvm exists and build users will be added to it"
+ local KVMGROUP=,kvm
+ fi
+
for i in $(seq -w 1 10); do
if id "guixbuilder${i}" &>/dev/null; then
_msg "${INF}user is already in the system, reset"
- usermod -g guixbuild -G guixbuild \
+ usermod -g guixbuild -G guixbuild{$KVMGROUP} \
-d /var/empty -s "$(which nologin)" \
-c "Guix build user $i" \
"guixbuilder${i}";
else
- useradd -g guixbuild -G guixbuild \
+ useradd -g guixbuild -G guixbuild{$KVMGROUP} \
-d /var/empty -s "$(which nologin)" \
-c "Guix build user $i" --system \
"guixbuilder${i}";
--
2.31.1
signature.asc
Description: PGP signature
