syscalls: Add ‘get-user-ns’.

* guix/build/syscalls.scm (NS_GET_USERNS): New variable.
(get-user-ns): New procedure.

Change-Id: I0cfba6a7cdf2ab64ef658b0f821ba4e7c6c89eab

guix/build/syscalls.scm

@@ -147,6 +147,7 @@
             clone
             unshare
             setns
+            get-user-ns
 
             kexec-load-file
             KEXEC_FILE_UNLOAD
@@ -1247,6 +1248,19 @@ there is no such limitation."
                   (list fdes nstype (strerror err))
                   (list err))))))))
 
+(define NS_GET_USERNS #xb701)
+
+(define (get-user-ns fdes)
+  "Return an open file descriptor to the user namespace that owns the
+namespace pointed to by FDES, a file descriptor obtained by opening
+/proc/PID/ns/*."
+  (let-values (((ret err) (%ioctl fdes NS_GET_USERNS %null-pointer)))
+    (when (< ret 0)
+      (throw 'system-error "get-user-ns" "~d: ~A"
+             (list fdes (strerror err))
+             (list err)))
+    ret))
+
 (define pivot-root
   (let ((proc (syscall->procedure int "pivot_root" (list '* '*))))
     (lambda (new-root put-old)