6cfb3b6364
The reason to patch QEMU is that with latest Nix, tests like "printing" or "misc" fail because they expect the store paths to be owned by uid 0 and gid 0.

Starting with NixOS/nix@5e51ffb1c2, Nix builds inside of a new user namespace. Unfortunately this also means that bind-mounted store paths that are part of the derivation's inputs are no longer owned by uid 0 and gid 0 but by uid 65534 and gid 65534.

This in turn causes things like sudo or cups to fail with errors about insecure file permissions.

So in order to avoid that, let's make sure the VM always gets files owned by uid 0 and gid 0 and does a no-op when doing a chmod on a store path.

In addition, this adds a virtualisation.qemu.program option so that we can make sure that we only use the patched version if we're *really* running NixOS VM tests (that is, whenever we have imported test-instrumentation.nix).

Tested against the "misc" and "printing" tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>

| File |
|---|
| CVE-2016-9102.patch |
| default.nix |
| force-uid0-on-9p.patch |
| no-etc-install.patch |