From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([209.51.188.92]:35211)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1gxwOq-0000jq-6d
	for guix-patches@gnu.org; Sun, 24 Feb 2019 11:13:08 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1gxwOp-0004xt-F9
	for guix-patches@gnu.org; Sun, 24 Feb 2019 11:13:08 -0500
Received: from debbugs.gnu.org ([209.51.188.43]:36831)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1gxwOk-0004tU-GS
	for guix-patches@gnu.org; Sun, 24 Feb 2019 11:13:06 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1gxwOk-00034s-BQ
	for guix-patches@gnu.org; Sun, 24 Feb 2019 11:13:02 -0500
Subject: [bug#34638] [PATCH 0/4] Isolated inferiors.
Resent-Message-ID: <handler.34638.B.155102474611787@debbugs.gnu.org>
Received: from eggs.gnu.org ([209.51.188.92]:35038)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mail@cbaines.net>) id 1gxwO1-0000IC-57
	for guix-patches@gnu.org; Sun, 24 Feb 2019 11:12:17 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mail@cbaines.net>) id 1gxwO0-0003wj-12
	for guix-patches@gnu.org; Sun, 24 Feb 2019 11:12:17 -0500
Received: from mira.cbaines.net ([2a01:7e00::f03c:91ff:fe69:8da9]:34030)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mail@cbaines.net>) id 1gxwNz-0003sH-PE
	for guix-patches@gnu.org; Sun, 24 Feb 2019 11:12:15 -0500
Received: from localhost (cpc102582-walt20-2-0-cust14.13-2.cable.virginm.net
	[86.27.34.15])
	by mira.cbaines.net (Postfix) with ESMTPSA id 63DED16C20
	for <guix-patches@gnu.org>; Sun, 24 Feb 2019 16:12:11 +0000 (GMT)
Received: from capella (localhost [127.0.0.1])
	by localhost (OpenSMTPD) with ESMTP id 5a94c0be
	for <guix-patches@gnu.org>; Sun, 24 Feb 2019 16:12:11 +0000 (UTC)
From: Christopher Baines <mail@cbaines.net>
Date: Sun, 24 Feb 2019 16:12:08 +0000
Message-ID: <875zt9go87.fsf@cbaines.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha512; protocol="application/pgp-signature"
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: 34638@debbugs.gnu.org

--=-=-=
Content-Type: text/plain

These patches form a prototype for Guix inferiors, that are
isolated. Access to the inferior Guix is done through running a REPL as
a separate process. These patches provide a way of launching that REPL
in an isolated environment through Linux namespaces, providing some
isolation from the wider system.

These patches should work, at least enough to get the derivations for
packages within the inferior Guix, as well as doing 'guix pull' within
the inferior Guix.

They're not ready to be merged just yet though. I think some of the
approaches are a little odd (e.g. using (ice-9 popen) internals) and
I've got no idea if the isolation is actually working properly.


Christopher Baines (4):
  utils: Add #:base-directory to call-with-temporary-directory.
  linux-container: Add 'start-child-in-container'.
  inferior: Add a shared-directory field to <inferior>
  inferior: Add 'open-inferior/container'.

 gnu/build/linux-container.scm | 82 +++++++++++++++++++++++++++++++
 guix/inferior.scm             | 90 ++++++++++++++++++++++++++++++-----
 guix/utils.scm                |  4 +-
 3 files changed, 163 insertions(+), 13 deletions(-)

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAlxywlhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE
9XfDjg//W/v3E1k3KSBgq/cbEB3eDzShPBdOfQjXsm+8NtdZUtmifuzomzQPbSRb
MdtFZzv1u91baWGc7OcArUujtDb7BJJFOdPLbaU+X5ypEsvdNHdndJTuPSefQS4V
rAmbJFLi7vdgqguO8kp5UqT/mHoLDqNPcvCMYQFrlpF6hu1nIHGxtKyTX7TmGVOD
amLBFkHr1IF47Fy8+gahkz50jvW5bvc2kyUwXGFUU4xfB/shgKHuq7tZQDHbZwrz
IwHEBT2Db4g6bJYb5XP0MpqBLaN9CSCCjaNUTo7Y4rxDxCiiOfkwLZtdugt1ghH7
RnYApd9SMNf90VSjVJithX8Y/FtTCOsh+DVqPwEW0fVIDM0XZJ1a7V7JE3WKAy9+
sNMX0AF4o9VxSSJXupAYb/vqXD3DhctY17VszZDVimkuyAvb3IAipdMiRe5rbQ0O
8SSFXxmvQ+eQsSQ5YF5oq462DZmJ9yhkEXApIS3bwhWXqZw9gzxX8IPUWfAobVtc
CpSYhsNDwyz5h0Iult+9rovwDBWu4DtsmRs7L1tykbvSNWOWhgFAqpTf+lx2V6J/
F/XQe6dFuy26c3vH0xVbjSZsWRiqhBXBsRyHtiijI8ctZ5w2fbkzKH3F04st3yRv
ARqN+r66Zi207Y5HiSVGxZiYReFoS9i+RL9IJWcxdcMsPJDm0Dk=
=PrMq
-----END PGP SIGNATURE-----
--=-=-=--