From: Leo Prikler <leo.prikler@student.tugraz.at>
To: Zhu Zihao <all_but_last@163.com>
Cc: guix-devel@gnu.org
Subject: Re: A public Lisp programming interface provide feature like `guix environment --container`
Date: Wed, 04 Nov 2020 11:23:59 +0100 [thread overview]
Message-ID: <42ddcb59882ded6c18da226c56bec7e6e224801a.camel@student.tugraz.at> (raw)
In-Reply-To: <864km55teh.fsf@163.com>
Am Mittwoch, den 04.11.2020, 18:05 +0800 schrieb Zhu Zihao:
> Leo Prikler writes:
>
> > launch-environment/container still assumes the command to be a
> > shell
> > script, which I think is not quite what you want. You probably
> > want to
> > take a look at call-with-container from (guix build linux-
> > container) or
> > child-hurds.
>
> I just read the source code of call-with-container. IMO, it just run
> code in container, without any settings. It's quite inconvenient for
> my
> usage. For example: I have to setup mount binding of my package
> closure manually.
Indeed, but in my opinion it also has much of what you'd want for an
entry script, does it not? You start with zero settings, then
configure the environment in whichever fashion you need, then call some
other function.
I think like this could be a stepping stone for some higher level
abstraction, that you would have to write on your own once, but could
then reuse more or less indefinitely. Particularly, you would have to
copy the parts of Guix that create the environment and then just figure
out how to securely spawn a function inside it, that can't escape the
container environment, instead of running shell code.
> > I currently don't know of any procedure, that "directly" invokes
> > Scheme
> > code through Guix environments, so you'd have to build that on your
> > own. However, given that your stated goal is to port container
> > entry
> > scripts [I read this as "the script called by the container at
> > entry"]
> > to Guile, would it not make sense to have
> >
> > (guix-environment [ENVIRONMENT OPTIONS] "--" "guile" "entry.scm")
> >
> > WDYT?
> >
> > Regards, Leo
>
> Hmmm, maybe this is the solution, tho it's not very very elegant.
For the record, what you do want is something à la
(call-in-container-environment THUNK MANIFEST . KWARGS)
where manifest is the Guix environment manifest, THUNK is a procedure
to call with 0 arguments and KWARGS is a list of options for things you
might want to set up, e.g. just the GUIX_ENVIRONMENT variable or more
than that.
Is that about right?
Regards, Leo
next prev parent reply other threads:[~2020-11-04 10:31 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-04 7:38 A public Lisp programming interface provide feature like `guix environment --container` Leo Prikler
2020-11-04 10:05 ` Zhu Zihao
2020-11-04 10:23 ` Leo Prikler [this message]
2020-11-04 10:36 ` Zhu Zihao
-- strict thread matches above, loose matches on Subject: below --
2020-11-04 3:49 Zhu Zihao
2020-11-06 9:41 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42ddcb59882ded6c18da226c56bec7e6e224801a.camel@student.tugraz.at \
--to=leo.prikler@student.tugraz.at \
--cc=all_but_last@163.com \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).