diff --git a/gnu/services/base.scm b/gnu/services/base.scm index c43f39fe32..062364bf81 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -1557,7 +1557,21 @@ the tty to run, among other things." (string-append dir "/lib")) (list #$@name-services)) ":"))))) - (stop #~(make-kill-destructor)) + (stop #~(let ((terminate (make-kill-destructor))) + (lambda (process) + (terminate process) + + ;; PID 1 might have mapped nscd database files via + ;; '__nscd_get_mapping'. Call the relevant libc + ;; functions (those with a corresponding GETFD* request + ;; type) to cause PID 1 to notice that those mappings + ;; are stale and to unmap them. Failure to do so would + ;; prevent the root file system from being remounted + ;; read-only when shutting down. + (false-if-exception (getpw "root")) + (false-if-exception (getgr "root")) + (false-if-exception (getaddrinfo "localhost" "http")) + #f))) (modules `((ice-9 popen) ;for the actions (ice-9 rdelim) (ice-9 match) diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index dc51880d8e..86fa6374ef 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -827,6 +827,18 @@ in a loop. See .") ,witness-size)))))) marionette)) + ;; Cause PID 1 to create a mapping to nscd's database files. + ;; Those mappings used to prevent 'root-file-system' to remount + ;; read-only on shutdown. See + ;; . + (test-equal "open libc NSS database" + "root" + (marionette-eval '(begin + (use-modules (gnu services herd)) + (start-service 'nscd) ;wait for nscd + (eval-there '(passwd:name (getgr "root")))) + marionette)) + ;; Halt the system. (marionette-eval '(system* "/run/current-system/profile/sbin/halt") marionette) @@ -891,7 +903,10 @@ in a loop. See .") "Make sure the root file system is cleanly unmounted when the system is halted.") (value - (let ((os (marionette-operating-system %simple-os))) + (let ((os (marionette-operating-system + %simple-os + #:imported-modules '((gnu services herd) + (guix combinators))))) (run-root-unmount-test os)))))