Pierre Langlois writes: > [[PGP Signed Part:Undecided]] > Hi Guix! > > There seems to be a bug with the --network flag to `guix system > container', if we try to use docker-image.tmpl as an example we get the > following failure: > > $ sudo `guix system container -v3 --network gnu/system/examples/docker-image.tmpl` > Password: > system container is running as PID 17630 > WARNING: (guile-user): imported module (guix build utils) overrides core binding `delete' > Run 'sudo guix container exec 17630 /run/current-system/profile/bin/bash --login' > or run 'sudo nsenter -a -t 17630' to get a shell into it. > > WARNING: (guile-user): imported module (guix build utils) overrides core binding `delete' > making '/gnu/store/2w0c609is7iilv6r2l1vrchb9qsbfgkp-system' the current system... > WARNING: (guile-user): imported module (guix build utils) overrides core binding `delete' > setting up setuid programs in '/run/setuid-programs'... > populating /etc from /gnu/store/ywsdjyq161a2clhvz6kx5m4ppz5ziqp1-etc... > Backtrace: > 11 (primitive-load "/gnu/store/5wdqg0jpiw1zd9pn13wmzy3f85g…") > In gnu/build/linux-container.scm: > 300:8 10 (call-with-temporary-directory #) > 397:16 9 (_ "/tmp/guix-directory.KgjoQ6") > 62:6 8 (call-with-clean-exit #) > In unknown file: > 7 (primitive-load "/gnu/store/2w0c609is7iilv6r2l1vrchb9qs…") > In ice-9/eval.scm: > 619:8 6 (_ #f) > In unknown file: > 5 (primitive-load "/gnu/store/xfd58fw9x65n7wr5kw2gnciszkl…") > In srfi/srfi-1.scm: > 634:9 4 (for-each # _) > In unknown file: > 3 (primitive-load "/gnu/store/3gwb0jydx90f61a6kizawsjdi6h…") > In srfi/srfi-1.scm: > 634:9 2 (for-each # …) > In gnu/build/activation.scm: > 268:20 1 (_ "hosts") > In unknown file: > 0 (copy-file "/etc/static/hosts" "/etc/hosts") > > ERROR: In procedure copy-file: > In procedure copy-file: Read-only file system > > > Doing a git bisect, the problem started with this commit it seems: > 802ea1f3a43e5fb8d0b8bd2882954d8a6e49cde6 > > system: Deprecate hosts-file. > > * gnu/system.scm (operating-system-hosts-file): Deprecate procedure. > (warn-hosts-file-field-deprecation): New procedure, helper for > deprecated variable. > (operating-system)[hosts-file]: Use helper to warn deprecated field. > (local-host-aliases): Mark as deprecated. > (local-host-entries): New procedure. > (operating-system-default-essential-services, > hurd-default-essential-services): Use hosts-service-type. Use > '%operating-system-hosts-file' and 'local-host-entries'. > (default-/etc/hosts): Remove procedure. > (operating-system-etc-service): Remove hosts file. > * doc/guix.texi (operating-system Reference) > (Networking Services) (Virtualization Services): Rewrite documentation > entries to use hosts-service-type. Digging into the container script code, I think the reason is that when sharing the network, it's supposed to remove any network-related services from the containerized operating system. And it's not aware of the new hosts-service-type. The following diff seems to fix the issue: --8<---------------cut here---------------start------------->8--- diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index c2fd55d48e..9190d013bc 100644 --- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -49,9 +49,12 @@ (define* (container-essential-services os #:key shared-network?) (define base (remove (lambda (service) (memq (service-kind service) - (list (service-kind %linux-bare-metal-service) - firmware-service-type - system-service-type))) + (cons* (service-kind %linux-bare-metal-service) + firmware-service-type + system-service-type + (if shared-network? + (list hosts-service-type) + '())))) (operating-system-default-essential-services os))) (cons (service system-service-type --8<---------------cut here---------------end--------------->8--- I wonder if this is a full fix though, I see that we also remove network related configuration files, using `%network-configuration-files', and I wonder if "/etc/hosts" is still supposed to be there? --8<---------------cut here---------------start------------->8--- (define %network-configuration-files ;; List of essential network configuration files. '("/etc/resolv.conf" "/etc/nsswitch.conf" "/etc/services" "/etc/hosts")) --8<---------------cut here---------------end--------------->8---