Make /etc writability conditional on uid-range feature

(cherry picked from commit 49fd72a903)

src/libstore/build/local-derivation-goal.cc

@@ -663,6 +663,8 @@ void LocalDerivationGoal::startBuilder()
            nobody account.  The latter is kind of a hack to support
            Samba-in-QEMU. */
         createDirs(chrootRootDir + "/etc");
+        if (parsedDrv->useUidRange())
+            chownToBuilder(chrootRootDir + "/etc");
 
         if (parsedDrv->useUidRange() && (!buildUser || buildUser->getUIDCount() < 65536))
             throw Error("feature 'uid-range' requires the setting '%s' to be enabled", settings.autoAllocateUids.name);
@@ -1023,7 +1025,8 @@ void LocalDerivationGoal::startBuilder()
                 sandboxUid(), sandboxGid(), settings.sandboxBuildDir));
 
         /* Make /etc unwritable */
-        chmod_(chrootRootDir + "/etc", 0555);
+        if (!parsedDrv->useUidRange())
+            chmod_(chrootRootDir + "/etc", 0555);
 
         /* Save the mount- and user namespace of the child. We have to do this
            *before* the child does a chroot. */

tests/systemd-nspawn.nix

@@ -56,7 +56,6 @@ runCommand "test"
     # Make /run a tmpfs to shut up a systemd warning.
     mkdir /run
     mount -t tmpfs none /run
-    chmod 0700 /run
 
     mount -t cgroup2 none /sys/fs/cgroup