summary refs log tree commit diff
path: root/gnu/system/shadow.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2013-09-26 23:28:17 +0200
committerLudovic Courtès <ludo@gnu.org>2013-09-27 00:46:17 +0200
commitd0c66871b12c491eca6a80c09b836f893c1d4234 (patch)
treec623176fe1bbfe6bdecd5f606858385d12424c75 /gnu/system/shadow.scm
parent3abf9b440b97c35d078c60490723684ca757f480 (diff)
downloadguix-d0c66871b12c491eca6a80c09b836f893c1d4234.tar.gz
gnu: vm: Add build users.
* gnu/system/shadow.scm (guix-build-accounts): New procedure.
* gnu/system/vm.scm (system-qemu-image): Use it.  Add the "guixbuild"
  group.
* gnu/system/dmd.scm (guix-service): Add 'builder-group' parameter.
  Pass 'guix-daemon' the '--build-users-group' option.
Diffstat (limited to 'gnu/system/shadow.scm')
-rw-r--r--gnu/system/shadow.scm32
1 files changed, 30 insertions, 2 deletions
diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm
index b2a2121b08..4f59b2b325 100644
--- a/gnu/system/shadow.scm
+++ b/gnu/system/shadow.scm
@@ -18,8 +18,14 @@
 
 (define-module (gnu system shadow)
   #:use-module (guix store)
-  #:use-module (ice-9 match)
   #:use-module (guix records)
+  #:use-module (guix packages)
+  #:use-module ((gnu packages system)
+                #:select (shadow))
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-26)
+  #:use-module (ice-9 match)
+  #:use-module (ice-9 format)
   #:export (user-account
             user-account?
             user-account-name
@@ -38,7 +44,8 @@
             user-group-members
 
             passwd-file
-            group-file))
+            group-file
+            guix-build-accounts))
 
 ;;; Commentary:
 ;;;
@@ -110,4 +117,25 @@ file."
   (add-text-to-store store (if shadow? "shadow" "passwd")
                      contents '()))
 
+(define* (guix-build-accounts store count #:key
+                              (first-uid 30001)
+                              (gid 30000)
+                              (shadow shadow))
+  "Return a list of COUNT user accounts for Guix build users, with UIDs
+starting at FIRST-UID, and under GID."
+  (let* ((gid*     gid)
+         (no-login (string-append (package-output store shadow) "/sbin/nologin")))
+    (unfold (cut > <> count)
+            (lambda (n)
+              (user-account
+               (name (format #f "guixbuilder~2,'0d" n))
+               (password "!")
+               (uid (+ first-uid n -1))
+               (gid gid*)
+               (comment (format #f "Guix Build User ~2d" n))
+               (home-directory "/var/empty")
+               (shell no-login)))
+            1+
+            1)))
+
 ;;; shadow.scm ends here
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-11 10:30:17 +0000