author | David Thompson <davet@gnu.org> | 2015-06-28 00:42:16 -0400 |
---|---|---|
committer | David Thompson <dthompson2@worcester.edu> | 2015-07-09 08:25:33 -0400 |
commit | c829bc80bd288bc9f3c926bfff69baf06a8c6e62 (patch) | |
tree | 767c4c46c05e0b61470f81721664021cc6dae899 | |
parent | c1f6a0c2ed8caa5b04aae77e5d2e3a2299305a43 (diff) | |
gnu: system: Add Linux container file systems.
* gnu/system/file-systems.scm (%container-file-systems): New variable.
-rw-r--r-- | gnu/system/file-systems.scm | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm
index b33f826b45..a06c173a70 100644
--- a/gnu/system/file-systems.scm
+++ b/gnu/system/file-systems.scm
@@ -45,6 +45,7 @@
 %control-groups
 %base-file-systems
+ %container-file-systems
 mapped-device
 mapped-device?
@@ -198,6 +199,45 @@ initrd code."
 %immutable-store)
 %control-groups))
+;; File systems for Linux containers differ from %base-file-systems in that
+;; they impose additional restrictions such as no-exec or need different
+;; options to function properly.
+;;
+;; The file system flags and options conform to the libcontainer
+;; specification:
+;; https://github.com/docker/libcontainer/blob/master/SPEC.md#filesystem
+(define %container-file-systems
+ (list
+ ;; Psuedo-terminal file system.
+ (file-system
+ (device "none")
+ (mount-point "/dev/pts")
+ (type "devpts")
+ (flags '(no-exec no-suid))
+ (needed-for-boot? #t)
+ (create-mount-point? #t)
+ (check? #f)
+ (options "newinstance,ptmxmode=0666,mode=620"))
+ ;; Shared memory file system.
+ (file-system
+ (device "tmpfs")
+ (mount-point "/dev/shm")
+ (type "tmpfs")
+ (flags '(no-exec no-suid no-dev))
+ (options "mode=1777,size=65536k")
+ (needed-for-boot? #t)
+ (create-mount-point? #t)
+ (check? #f))
+ ;; Message queue file system.
+ (file-system
+ (device "mqueue")
+ (mount-point "/dev/mqueue")
+ (type "mqueue")
+ (flags '(no-exec no-suid no-dev))
+ (needed-for-boot? #t)
+ (create-mount-point? #t)
+ (check? #f))))
+
 ;;; |
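Review bot: The `/dev/pts` entry in `%container-file-systems` sets `mode=620` but passes no `gid=` option, so the group-write bit on each slave pty goes to whatever group the opening process runs as rather than to a dedicated tty group; the header comment says the options conform to the libcontainer specification, which as far as I recall pairs these options with an explicit `gid=`. If the omission is deliberate (for instance because the tty group id is not fixed at this point), record that next to the entry, e.g. `;; No gid= option: slave ptys keep the opener's group, so mode=620 grants that group write access.`, or use a mode without group write. The comment `;; Psuedo-terminal file system.` should read `;; Pseudo-terminal file system.`. The specification URL points at `master`, so pinning it to a specific revision would keep the reference from drifting away from what this list implements.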