diff --git a/Makefile.am b/Makefile.am
index 87682b4949..704f2451c3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -277,7 +277,8 @@ endif BUILD_DAEMON_OFFLOAD
 # Scheme implementation of the build daemon and related functionality.
 STORE_MODULES =					\
   guix/store/database.scm			\
-  guix/store/deduplication.scm
+  guix/store/deduplication.scm			\
+  guix/store/roots.scm
 
 MODULES += $(STORE_MODULES)
 
@@ -408,7 +409,8 @@ SCM_TESTS =					\
   tests/pypi.scm				\
   tests/import-utils.scm			\
   tests/store-database.scm			\
-  tests/store-deduplication.scm
+  tests/store-deduplication.scm			\
+  tests/store-roots.scm
 
 SH_TESTS =					\
   tests/guix-build.sh				\
diff --git a/guix/store/roots.scm b/guix/store/roots.scm
new file mode 100644
index 0000000000..4f23ae34e8
--- /dev/null
+++ b/guix/store/roots.scm
@@ -0,0 +1,120 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (guix store roots)
+  #:use-module (guix config)
+  #:use-module ((guix store) #:select (store-path? %gc-roots-directory))
+  #:use-module (guix sets)
+  #:use-module (guix build syscalls)
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-11)
+  #:use-module (srfi srfi-26)
+  #:use-module (ice-9 match)
+  #:use-module (ice-9 regex)
+  #:re-export (%gc-roots-directory)
+  #:export (gc-roots
+            user-owned?))
+
+;;; Commentary:
+;;;
+;;; This module provides tools to list and access garbage collector roots ("GC
+;;; roots").
+;;;
+;;; Code:
+
+(define %profile-directory
+  ;; Directory where user profiles are stored.
+  ;; XXX: This is redundant with the definition in (guix profiles) and not
+  ;; entirely needed since in practice /var/guix/gcroots/profiles links to
+  ;; it.
+  (string-append %state-directory "/profiles"))
+
+(define (gc-roots)
+  "Return the list of garbage collector roots (\"GC roots\").  This includes
+\"regular\" roots fount in %GC-ROOTS-DIRECTORY as well as indirect roots that
+are user-controlled symlinks stored anywhere on the file system."
+  (define (regular? file)
+    (match file
+      (((or "." "..") . _) #f)
+      (_ #t)))
+
+  (define (file-type=? type)
+    (match-lambda
+      ((file . properties)
+       (match (assq-ref properties 'type)
+         ('unknown
+          (let ((stat (lstat file)))
+            (eq? type (stat:type stat))))
+         (actual-type
+          (eq? type actual-type))))))
+
+  (define directory?
+    (file-type=? 'directory))
+
+  (define symlink?
+    (file-type=? 'symlink))
+
+  (define canonical-root
+    (match-lambda
+      ((file . properties)
+       (let ((target (readlink file)))
+         (cond ((store-path? target)
+                ;; Regular root: FILE points to the store.
+                file)
+
+               ;; Indirect root: FILE points to a user-controlled file outside
+               ;; the store.
+               ((string-prefix? "/" target)
+                target)
+               (else
+                (string-append (dirname file) "/" target)))))))
+
+  (let loop ((directories (list %gc-roots-directory
+                                %profile-directory))
+             (roots       '())
+             (visited     (set)))
+    (match directories
+      (()
+       roots)
+      ((directory . rest)
+       (if (set-contains? visited directory)
+           (loop rest roots visited)
+           (let*-values (((scope)
+                          (cut string-append directory "/" <>))
+                         ((sub-directories files)
+                          (partition directory?
+                                     (map (match-lambda
+                                            ((file . properties)
+                                             (cons (scope file) properties)))
+                                          (scandir* directory regular?)))))
+             (loop (append rest (map first sub-directories))
+                   (append (map canonical-root (filter symlink? files))
+                           roots)
+                   (set-insert directory visited))))))))
+
+(define* (user-owned? root #:optional (uid (getuid)))
+  "Return true if ROOT exists and is owned by UID, false otherwise."
+  ;; If ROOT is an indirect root, then perhaps it no longer exists.  Thus,
+  ;; catch 'system-error' exceptions.
+  (catch 'system-error
+    (lambda ()
+      (define stat
+        (lstat root))
+
+      (= (stat:uid stat) uid))
+    (const #f)))
diff --git a/tests/store-roots.scm b/tests/store-roots.scm
new file mode 100644
index 0000000000..5bcf1bc87e
--- /dev/null
+++ b/tests/store-roots.scm
@@ -0,0 +1,53 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (test-store-deduplication)
+  #:use-module (guix tests)
+  #:use-module (guix store)
+  #:use-module (guix store roots)
+  #:use-module ((guix utils) #:select (call-with-temporary-directory))
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-64))
+
+(define %store
+  (open-connection))
+
+(test-begin "store-roots")
+
+(test-assert "gc-roots, regular root"
+  (let* ((item (add-text-to-store %store "something"
+                                  (random-text)))
+         (root (string-append %gc-roots-directory "/test-gc-root")))
+    (symlink item root)
+    (let ((result (member root (gc-roots))))
+      (delete-file root)
+      result)))
+
+(test-assert "gc-roots, indirect root"
+  (call-with-temporary-directory
+   (lambda (directory)
+     (let* ((item (add-text-to-store %store "something"
+                                     (random-text)))
+            (root (string-append directory "/gc-root")))
+       (symlink item root)
+       (add-indirect-root %store root)
+       (let ((result (member root (gc-roots))))
+         (delete-file root)
+         result)))))
+
+(test-end "store-roots")