author | Ludovic Courtès <ludo@gnu.org> | 2016-05-30 22:13:09 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2016-05-31 00:11:04 +0200 |
commit | 4c14d4eaa7ee9d5d89c04a41adb50c7c532d14e1 (patch) | |
tree | 19893b3db7d7ffc0f7c9f407d418ec637e643a36 /gnu | |
parent | 552ffa021ce87ece4aeecf5c8d9786f559991d3a (diff) | |
container: Gracefully handle failure to set up user namespaces.
* gnu/build/linux-container.scm (run-container): Exit when the parent
process doesn't say 'ready.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/build/linux-container.scm | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/gnu/build/linux-container.scm b/gnu/build/linux-container.scm
index ec68679f0b..562d50bcc7 100644
--- a/gnu/build/linux-container.scm
+++ b/gnu/build/linux-container.scm
@@ -214,15 +214,18 @@ host user identifiers to map into the user namespace."
 (lambda ()
 (close out)
 ;; Wait for parent to set things up.
- (read in)
- (close in)
- (purify-environment)
- (when (memq 'mnt namespaces)
- (mount-file-systems root mounts
- #:mount-/proc? (memq 'pid namespaces)
- #:mount-/sys? (memq 'net namespaces)))
- ;; TODO: Manage capabilities.
- (thunk))))
+ (match (read in)
+ ('ready
+ (close in)
+ (purify-environment)
+ (when (memq 'mnt namespaces)
+ (mount-file-systems root mounts
+ #:mount-/proc? (memq 'pid namespaces)
+ #:mount-/sys? (memq 'net namespaces)))
+ ;; TODO: Manage capabilities.
+ (thunk))
+ (_ ;parent died or something
+ (primitive-exit 2))))))
 (pid
 (when (memq 'user namespaces)
 (initialize-user-namespace pid host-uids))
|
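Review bot: The new fallback clause `(_ ;parent died or something (primitive-exit 2))` fails closed, which is the right outcome, but it does so silently and with an undocumented literal status. A user whose system refuses user-namespace setup would see only exit code 2 from the child, and nothing visible here distinguishes that from a status produced by the thunk's own code. I would replace the inline comment with `;; EOF or any datum other than 'ready: the parent failed before the namespaces were set up, so never run THUNK.` and consider writing one diagnostic line to `(current-error-port)` before exiting. The retained `;; TODO: Manage capabilities.` means the thunk still runs with whatever capabilities the child holds at that point, which is worth tracking separately. The enclosing lambda and `run-container` start and end outside the hunk, so how the parent interprets the status is not visible here.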