From a87a59a86bf5a0330ca237babfa9a36242cead0f Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Sat, 22 Oct 2022 19:37:49 +0200
Subject: [PATCH] make-container.sh: improve root handling

Don't auto-switch to root when executing make-container.sh, because
auto root switching is also implemented in extra-container.

Besides simplifying the code, this is useful for a later commit that
introduces flakes-based container building.
With this change, the container is built under the regular user
instead of root, thereby utilizing the user's regular fetcher and
evaluation caches.
---
 test/lib/make-container.sh | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/test/lib/make-container.sh b/test/lib/make-container.sh
index 19d009f..491cddf 100755
--- a/test/lib/make-container.sh
+++ b/test/lib/make-container.sh
@@ -53,16 +53,6 @@
 
 set -euo pipefail
 
-if [[ $EUID != 0 ]]; then
-    # NixOS containers require root permissions.
-    # By using sudo here and not at the user's call-site extra-container can detect if it is running
-    # inside an existing shell session (by checking an internal environment variable).
-    #
-    # shellcheck disable=SC2154
-    exec sudo scenario="$scenario" scriptDir="$scriptDir" NIX_PATH="$NIX_PATH" PATH="$PATH" \
-         scenarioOverridesFile="${scenarioOverridesFile:-}" "$scriptDir/lib/make-container.sh" "$@"
-fi
-
 export containerName=nb-test
 containerCommand=shell
 
@@ -80,9 +70,16 @@ done
 
 containerBin=$(type -P extra-container) || true
 if [[ ! ($containerBin && $(realpath "$containerBin") == *extra-container-0.10*) ]]; then
+    echo
     echo "Building extra-container. Skip this step by adding extra-container 0.10 to PATH."
     nix-build --out-link /tmp/extra-container "$scriptDir"/../pkgs \
       -A pinned.extra-container >/dev/null
+    # When this script is run as root, e.g. when run in an extra-container shell,
+    # chown the gcroot symlink to the regular (login) user so that the symlink can be
+    # overwritten when this script is run without root.
+    if [[ $EUID == 0 ]]; then
+        chown "$(logname):" --no-dereference /tmp/extra-container
+    fi
     export PATH="/tmp/extra-container/bin${PATH:+:}$PATH"
 fi