From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id wKiJMJ5PpV/aVgAA0tVLHw (envelope-from ) for ; Fri, 06 Nov 2020 13:29:02 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id 0IVaLJ5PpV/USwAA1q6Kng (envelope-from ) for ; Fri, 06 Nov 2020 13:29:02 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 6EC34940148 for ; Fri, 6 Nov 2020 13:29:02 +0000 (UTC) Received: from localhost ([::1]:49676 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kb1nZ-0001hH-B1 for larch@yhetil.org; Fri, 06 Nov 2020 08:29:01 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:40486) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kb1mt-0001fp-RK for guix-devel@gnu.org; Fri, 06 Nov 2020 08:28:19 -0500 Received: from dd26836.kasserver.com ([85.13.145.193]:58778) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kb1mn-0000Sg-No; Fri, 06 Nov 2020 08:28:19 -0500 Received: from localhost (80-110-126-103.cgn.dynamic.surfer.at [80.110.126.103]) by dd26836.kasserver.com (Postfix) with ESMTPSA id 92AE63368CAA; Fri, 6 Nov 2020 14:28:07 +0100 (CET) Date: Fri, 6 Nov 2020 14:28:01 +0100 From: Danny Milosavljevic To: zimoun Subject: Re: Releasing guix binary in Docker format too? Message-ID: <20201106142801.30278d85@scratchpost.org> In-Reply-To: <86a6vufy9l.fsf@gmail.com> References: <20200922115019.08d40bec@scratchpost.org> <20200924095904.49411b47@scratchpost.org> <87mu0g7xiu.fsf@gnu.org> <87eelr37rn.fsf@gnu.org> <20201104154316.548b26e3@scratchpost.org> <87imai24cb.fsf@gnu.org> <86a6vufy9l.fsf@gmail.com> X-Mailer: Claws Mail 3.17.7 (GTK+ 2.24.32; x86_64-unknown-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/y1HKibxcZ/M+rG3duA5OGko"; protocol="application/pgp-signature"; micalg=pgp-sha512 Received-SPF: none client-ip=85.13.145.193; envelope-from=dannym@scratchpost.org; helo=dd26836.kasserver.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/11/06 08:28:08 X-ACL-Warn: Detected OS = Linux 3.11 and newer [fuzzy] X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_NONE=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Guix Devel Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: ns3122888.ip-94-23-21.eu Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -0.11 X-TUID: ne5RnMeLCc1x --Sig_/y1HKibxcZ/M+rG3duA5OGko Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi, On Fri, 06 Nov 2020 13:47:02 +0100 zimoun wrote: > On Fri, 06 Nov 2020 at 10:59, Ludovic Court=C3=A8s wrote: >=20 > > guix pack guix -f docker -S /bin=3Dbin \ > > --entry-point=3D"bin/guix-daemon --disable-chroot" Why --disable-chroot here? (I'm not objecting to it) > > might work, right? > > > > Someone needs to try because the devil is in the details. =20 >=20 > I will try to give a try. If someone does not beat me. Please do. Note: guix-daemon needs a usergroup in order to actually usefully build things, with at least one member user. If Docker actually has first-class composition operators (I don't know), th= en that should not go into the same image--but that means the end user has to= =20 provide a /etc/group and /etc/passwd with at least the "guixbuild" group and at least one member in that group as a composable image[maybe 1] in order for guix-daemon to actually work. Also, guix needs /etc/services for http and https and so on to resolve. Or you could just add those to the main guix docker image--but I think that would be kinda weird (even though I'm doing it for mine--but it has a kind of narrow use case where this is fine for the time being). Or provide the host /etc/passwd using the "-v" command line option (that would be kinda weird, too). Or expect the user to always create a dockerfile and use "FROM" to derive from the offical image. [1] https://docs.docker.com/compose/compose-file/compose-file-v2/ --Sig_/y1HKibxcZ/M+rG3duA5OGko Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEds7GsXJ0tGXALbPZ5xo1VCwwuqUFAl+lT2EACgkQ5xo1VCww uqWyKQf/VeW4v4Ndhs18IMsLbkkea8ClpxjdbPu0RUQT+WIJ8CA7Q2KWxheh1QEY hwKwQuQe46W5qF7a4M5hr8Jsmef4DRTzKw+gBxHu4NQhsz9fG4SHwzGJfG13fL+u ZCUr39nd++7mBP4sdPINe9F4dzyR26o60/+DuwllWW6RxBpHYdVpJWsraY5v40KC JMjJqDVlYvZMlICU5Ng1uoZzVl9oo3LhLgBmhAFP5gRMvci5ZUJwvN4JIim2b04S EshBxHjrbnB1XxaY/YFpFYgrrNy4vll7IFf+MgIfzg7mDYmYz18sJAo+q0LijJlO FPaCmm3/qPrqRhOvj3oaAuRR6Jx03Q== =6pZG -----END PGP SIGNATURE----- --Sig_/y1HKibxcZ/M+rG3duA5OGko--