environment: container: Create dummy home directory and /etc/passwd.

* guix/scripts/environment.scm (launch-environment/container): Change
$HOME to the current user's home directory instead of
/homeless-shelter.  Create a dummy /etc/passwd with a single entry for
the current user.
* doc/guix.texi ("invoking guix environment"): Add a note about the
dummy home directory and /etc/passwd.

doc/guix.texi

@@ -5338,10 +5338,11 @@ Attempt to build for @var{system}---e.g., @code{i686-linux}.
 @itemx -C
 @cindex container
 Run @var{command} within an isolated container.  The current working
-directory outside the container is mapped inside the
+directory outside the container is mapped inside the container.
-container.  Additionally, the spawned process runs as the current user
+Additionally, a dummy home directory is created that matches the current
-outside the container, but has root privileges in the context of the
+user's home directory, and @file{/etc/passwd} is configured accordingly.
-container.
+The spawned process runs as the current user outside the container, but
+has root privileges in the context of the container.
 
 @item --network
 @itemx -N

guix/scripts/environment.scm

@@ -373,6 +373,7 @@ host file systems to mount inside the container."
                              (list (direct-store-path bash) profile))))
     (return
      (let* ((cwd (getcwd))
+            (passwd (getpwuid (getuid)))
             ;; Bind-mount all requisite store items, user-specified mappings,
             ;; /bin/sh, the current working directory, and possibly networking
             ;; configuration files within the container.
@@ -417,16 +418,26 @@ host file systems to mount inside the container."
                       ;; The same variables as in Nix's 'build.cc'.
                       '("TMPDIR" "TEMPDIR" "TMP" "TEMP"))
 
-            ;; From Nix build.cc:
+            ;; Create a dummy home directory under the same name as on the
-            ;;
+            ;; host.
-            ;; Set HOME to a non-existing path to prevent certain
+            (mkdir-p (passwd:dir passwd))
-            ;; programs from using /etc/passwd (or NIS, or whatever)
+            (setenv "HOME" (passwd:dir passwd))
-            ;; to locate the home directory (for example, wget looks
+
-            ;; for ~/.wgetrc).  I.e., these tools use /etc/passwd if
+            ;; Create a dummy /etc/passwd to satisfy applications that demand
-            ;; HOME is not set, but they will just assume that the
+            ;; to read it, such as 'git clone' over SSH, a valid use-case when
-            ;; settings file they are looking for does not exist if
+            ;; sharing the host's network namespace.
-            ;; HOME is set but points to some non-existing path.
+            (mkdir-p "/etc")
-            (setenv "HOME" "/homeless-shelter")
+            (call-with-output-file "/etc/passwd"
+              (lambda (port)
+                (display (string-join (list (passwd:name passwd)
+                                            "x" ; but there is no shadow
+                                            "0" "0" ; user is now root
+                                            (passwd:gecos passwd)
+                                            (passwd:dir passwd)
+                                            bash)
+                                      ":")
+                         port)
+                (newline port)))
 
             ;; For convenience, start in the user's current working
             ;; directory rather than the root directory.