From 5ccec77176b7e0c67ed58c8849e5e76f3dd79a88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 12 Sep 2019 22:17:43 +0200 Subject: file-systems: Add /var/run/nscd to '%network-file-mappings'. This allows containers created by "guix environment -CN" or by "guix system container -N" to talk to the host nscd. * gnu/system/file-systems.scm (%network-file-mappings): Add "/var/run/nscd". * gnu/build/shepherd.scm (default-mounts)[nscd-socket]: Remove. * gnu/system/linux-container.scm (container-script)[nscd-run-directory] [nscd-mapping, nscd-os, nscd-specs]: Remove. [script]: Filter out from SPECS bind-mounts where the device does not exist. * guix/scripts/environment.scm (launch-environment/container) [optional-mapping->fs]: New procedure. [mappings]: Remove %NETWORK-FILE-MAPPINGS. [file-systems]: Add %NETWORK-FILE-MAPPINGS here, filtered through 'optional-mapping->fs'. --- gnu/build/shepherd.scm | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'gnu/build') diff --git a/gnu/build/shepherd.scm b/gnu/build/shepherd.scm index cf68f2108b..b32765ed5e 100644 --- a/gnu/build/shepherd.scm +++ b/gnu/build/shepherd.scm @@ -67,16 +67,10 @@ (file-system-mapping (source "/etc/group") (target source)))) - (define nscd-socket - (file-system-mapping - (source "/var/run/nscd") (target source) - (writable? #t))) - (append (cons (tmpfs "/tmp") %container-file-systems) (let ((mappings `(,@(if (memq 'net namespaces) '() - (cons nscd-socket - %network-file-mappings)) + %network-file-mappings) ,@(if (and (memq 'mnt namespaces) (not (memq 'user namespaces))) accounts -- cgit v1.2.3 From d236cd16a7173278ca69578d3e7ce4d1ce55e04c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 12 Sep 2019 23:06:12 +0200 Subject: linux-container: "run-container" scripts shows the container's PID. * gnu/build/linux-container.scm (call-with-container): Add #:process-spawned-hook and honor it. * gnu/system/linux-container.scm (container-script)[script]: Define 'explain' and pass it as #:process-spawned-hook'. --- gnu/build/linux-container.scm | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'gnu/build') diff --git a/gnu/build/linux-container.scm b/gnu/build/linux-container.scm index 6ccb924861..87695c98fd 100644 --- a/gnu/build/linux-container.scm +++ b/gnu/build/linux-container.scm @@ -299,8 +299,10 @@ delete it when leaving the dynamic extent of this call." (false-if-exception (delete-file-recursively tmp-dir)))))) (define* (call-with-container mounts thunk #:key (namespaces %namespaces) - (host-uids 1) (guest-uid 0) (guest-gid 0)) - "Run THUNK in a new container process and return its exit status. + (host-uids 1) (guest-uid 0) (guest-gid 0) + (process-spawned-hook (const #t))) + "Run THUNK in a new container process and return its exit status; call +PROCESS-SPAWNED-HOOK with the PID of the new process that has been spawned. MOUNTS is a list of objects that specify file systems to mount inside the container. NAMESPACES is a list of symbols corresponding to the identifiers for Linux namespaces: mnt, ipc, uts, pid, user, and net. By @@ -329,6 +331,7 @@ load path must be adjusted as needed." (false-if-exception (kill pid SIGKILL)))) + (process-spawned-hook pid) (match (waitpid pid) ((_ . status) status)))))) -- cgit v1.2.3