accounts: Add /etc/subuid and /etc/subgid support.

This commit adds a new record type, <subid-entry> and serializers
and deserializers for it in (gnu build accounts).  Each instance of this
record represents one line in either /etc/subuid or /etc/subgid.  Since
Shadow uses the same representation for both files, it should be ok if
we do it as well.

This commit adds also <subid-range>, a user facing representation of
<subid-entry>. It is supposed to be usable directly in OS configurations.

* gnu/build/accounts.scm (subid-entry): New record;
(write-subgid): add serializer for subgids;
(write-subuid): add serializer for subuids;
(read-subgid): add serializer for subgids;
(read-subuid): add serializer for subuids.
* gnu/system/accounts.scm (subid-range): New record.
* test/accounts.scm: Test them.

Change-Id: I6b037e40e354c069bf556412bb5b626bd3ea1b2c
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>

tests/accounts.scm

@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2024 Giacomo Leidi <goodoldpaul@autistici.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -41,6 +42,16 @@ root:" (crypt "secret" "$6$abc") ":17169::::::
 charlie:" (crypt "hey!" "$6$abc") ":17169::::::
 nobody:!:0::::::\n"))
 
+(define %subuid-sample
+  "\
+root:100000:300
+ada:100300:300\n")
+
+(define %subgid-sample
+  "\
+root:100000:600
+ada:100600:300\n")
+
 
 (test-begin "accounts")
 
@@ -135,6 +146,50 @@ nobody:!:0::::::\n"))
                       read-shadow)
                     port))))
 
+(test-equal "write-subuid"
+  %subuid-sample
+  (call-with-output-string
+    (lambda (port)
+      (write-subuid (list (subid-entry
+                           (name "root")
+                           (start 100000)
+                           (count 300))
+                          (subid-entry
+                           (name "ada")
+                           (start 100300)
+                           (count 300)))
+                    port))))
+
+(test-equal "read-subuid + write-subuid"
+  %subuid-sample
+  (call-with-output-string
+    (lambda (port)
+      (write-subuid (call-with-input-string %subuid-sample
+                      read-subuid)
+                    port))))
+
+(test-equal "write-subgid"
+  %subgid-sample
+  (call-with-output-string
+    (lambda (port)
+      (write-subgid (list (subid-entry
+                           (name "root")
+                           (start 100000)
+                           (count 600))
+                          (subid-entry
+                           (name "ada")
+                           (start 100600)
+                           (count 300)))
+                    port))))
+
+(test-equal "read-subgid + write-subgid"
+  %subgid-sample
+  (call-with-output-string
+    (lambda (port)
+      (write-subgid (call-with-input-string %subgid-sample
+                      read-subgid)
+                    port))))
+
 
 (define allocate-groups (@@ (gnu build accounts) allocate-groups))
 (define allocate-passwd (@@ (gnu build accounts) allocate-passwd))