NixOS VM tests: Don't create a setgid group in vde_switch

edolstra · edolstra · commit 7648f528de99 · 2017-06-07T12:00:35.000+02:00
Nix no longer allows this for security reasons. http://hydra.nixos.org/build/53993125 (cherry picked from commit 0996ea8)
diff --git a/nixos/lib/test-driver/test-driver.pl b/nixos/lib/test-driver/test-driver.pl
@@ -35,7 +35,7 @@
     if ($pid == 0) {
         dup2(fileno($pty->slave), 0);
         dup2(fileno($stdoutW), 1);
-        exec "vde_switch -s $socket" or _exit(1);
+        exec "vde_switch -s $socket --dirmode 0700" or _exit(1);
     }
     close $stdoutW;
     print $pty "version\n";
diff --git a/pkgs/build-support/vm/windows/controller/default.nix b/pkgs/build-support/vm/windows/controller/default.nix
@@ -185,7 +185,7 @@ let
     MONITOR_SOCKET="$(pwd)/monitor"
     WINVM_PIDFILE="$(pwd)/winvm.pid"
     CTRLVM_PIDFILE="$(pwd)/ctrlvm.pid"
-    ${vde2}/bin/vde_switch -s "$QEMU_VDE_SOCKET" &
+    ${vde2}/bin/vde_switch -s "$QEMU_VDE_SOCKET" --dirmode 0700 &
     echo 'alive?' | ${socat}/bin/socat - \
       UNIX-CONNECT:$QEMU_VDE_SOCKET/ctl,retry=20
   '';

Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@`
`35`	`35`	`if ($pid == 0) {`
`36`	`36`	`dup2(fileno($pty->slave), 0);`
`37`	`37`	`dup2(fileno($stdoutW), 1);`
`38`		`- exec "vde_switch -s $socket" or _exit(1);`
	`38`	`+ exec "vde_switch -s $socket --dirmode 0700" or _exit(1);`
`39`	`39`	`}`
`40`	`40`	`close $stdoutW;`
`41`	`41`	`print $pty "version\n";`