From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: permission denied: /gnu/store/...guile...
Date: Thu, 21 May 2015 23:53:51 +0200
Message-ID: <87wq01y4uo.fsf@gnu.org>
References: <14d7811908c.f06290cb71568.256566750208527927@elephly.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:60508)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1YvYPe-0000zH-7H
	for guix-devel@gnu.org; Thu, 21 May 2015 17:53:59 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1YvYPb-0005f5-2L
	for guix-devel@gnu.org; Thu, 21 May 2015 17:53:58 -0400
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:46046)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1YvYPa-0005f1-Vh
	for guix-devel@gnu.org; Thu, 21 May 2015 17:53:54 -0400
In-Reply-To: <14d7811908c.f06290cb71568.256566750208527927@elephly.net>
	(rekado@elephly.net's message of "Fri, 22 May 2015 04:06:22 +0800")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: rekado <rekado@elephly.net>
Cc: guix-devel@gnu.org

Could you try this:

--8<---------------cut here---------------start------------->8---
(chdir "/tmp")
(setgroups #())
(setgid 30000)
(setuid 30001)
(pk 'uid/gid (getuid) (getgid))
(pk 'euid/egid (geteuid) (getegid))
(let loop ((i 3))
  (when (< i 1024)
    (false-if-exception (close-fdes i))
    (loop (+ 1 i))))
(execl "/gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile"=
 "guile"
       "-c" "(pk 'running (getuid) (geteuid))")
--8<---------------cut here---------------end--------------->8---

and then as root run:

  # guile the-above-file.scm

It should return zero and print:

--8<---------------cut here---------------start------------->8---
;;; (uid/gid 30001 30000)

;;; (euid/egid 30001 30000)

;;; (running 30001 30001)
--8<---------------cut here---------------end--------------->8---

TIA,
Ludo=E2=80=99.