On 03.05.2025 18:14, Ludovic Courtès wrote:
Hi,
keinflue <keinf...@posteo.net> writes:
Unfortunately the python package also fails with equivalent test
failures. It also has another failure mode where it expects a syscall
to change ownership to the overflow uid to result in EPERM, while it
will produce EINVAL (which happens even if there are no supplementary
groups). Should I post the details here or open a new issue?
I think you can post it here. Perhaps we should eventually keep all
the
issues in this category together in a text file somewhere, with log
excerpts: that would allow us to better assess the packages affected by
this difference between the privileged and the unprivileged daemon is.
It seems that the "chown to overflowgid" issue is somewhat widespread. I
also see the testsuite for go (bootstrap) failing in the same way. I'd
guess most implementations of "chown" system call wrappers in various
languages will have test cases like this that fail to anticipate user
namespaces. I will let my system build keep running a bit longer and
will then post the list of packages I found with log excerpts here.
I wonder if we should set up a separate Cuirass instance or something
building everything with the unprivileged daemon.
That would probably help since I am going to only test the packages that
I am using myself in order to evaluate switching to the unprivileged
guix-daemon. I don't have the resources to do more.
Thanks,
Ludo’.
