[bug#42849] [PATCH 3/3] installer: Run the installation inside a container.

unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed

From: "Ludovic Courtès" <ludo@gnu.org>
To: Mathieu Othacehe <othacehe@gnu.org>
Cc: 42849@debbugs.gnu.org
Subject: [bug#42849] [PATCH 3/3] installer: Run the installation inside a container.
Date: Tue, 01 Sep 2020 10:48:03 +0200	[thread overview]
Message-ID: <87k0xdanng.fsf@gnu.org> (raw)
In-Reply-To: <87a6ybiab6.fsf@gnu.org> (Mathieu Othacehe's message of "Mon, 31 Aug 2020 08:44:29 +0200")

Hi Mathieu!

Mathieu Othacehe <othacehe@gnu.org> skribis:

>> Should ‘mount-cow-store’ also make an overlay for /var/guix/db?  That
>> way, changes to that directory would go to /mnt/var/guix/db and the
>> original database would remain unchanged.
>
> I took the lazy path because it's just one file that keeps reasonably
> small. Adding an extra overlay for /var/guix/db would make
> sense here.

Yeah, no big deal.

>> Hmm, that seems quite complex, and it’s not great that we have to tweak
>> guix-daemon-service “just” for this.
>
> Yes I can't say I'm satisfied with all of this but I'm trying different
> angles for this problem since months, with no proper outcome.

Yeah…  (I must say I really appreciate your commitment tackling hard
problems like this one, kudos!)

>> Is there a way we can identify processes that have open overlay files,
>> so we could terminate them?
>
> That's the current approach but it breaks very ofter because kmscon,
> udev or any other processes that can't be killed, opens an overlay file.
> I'd really like to avoid relying on this kind of solution.

OK, makes sense!

>> Alternately, something that might simplify the code would be to always
>> run guix-daemon in a separate mount namespace.  We could add a
>> ‘fork+exec-command/container’ procedure in (gnu build shepherd) to help
>> with that.
>>
>> That way, all we’d need to do is to run ‘guix system init’ in that same
>> mount namespace, which can be achieved using ‘container-excursion’.
>
> Yes I tried that at first but there's a catch. While running guix-daemon
> in it's own mount namespace, it won't 'see' the mounted file-systems
> such as /mnt.
>
> So that would mean that we would have to do spawn a containerized
> process that would:
>
> * Join guix-daemon mnt namespace
> * Call "with-mounted-partitions"
> * Mount the cow-store
> * Run 'guix system init'
>
> In this is end it still seem overly complex, but I can give it another
> try. WDYT?

It does seem complex indeed.

So perhaps we can settle on the solution you sent, but let’s see if we
can move complexity out of sight.  For example, if we can arrange to
have a ‘fork+exec-command/container’ procedure that can be passed the
PID of a namespace, such that the ‘start’ method of guix-daemon is just
a few more lines its current definition, I’ll be happy.

How does that sound?

Thank you!

Ludo’.

next prev parent reply	other threads:[~2020-09-01 10:04 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-13 12:23 [bug#42849] [PATCH 0/3] installer: Run the installation inside a container Mathieu Othacehe
2020-08-13 12:34 ` [bug#42849] [PATCH 1/3] install: Factorize cow-store procedure Mathieu Othacehe
2020-08-13 12:34   ` [bug#42849] [PATCH 2/3] linux-container: Add a jail? argument Mathieu Othacehe
2020-08-30 19:53     ` Ludovic Courtès
2020-08-31  6:27       ` Mathieu Othacehe
2020-08-31 13:36         ` Ludovic Courtès
2020-09-07 22:02           ` Ludovic Courtès
2020-09-10  7:46             ` Mathieu Othacehe
2020-09-11 15:07               ` Ludovic Courtès
2020-08-13 12:34   ` [bug#42849] [PATCH 3/3] installer: Run the installation inside a container Mathieu Othacehe
2020-08-30 20:40     ` Ludovic Courtès
2020-08-31  6:44       ` Mathieu Othacehe
2020-09-01  8:48         ` Ludovic Courtès [this message]
2020-09-02 15:15           ` bug#42849: " Mathieu Othacehe
2020-09-02 20:17             ` [bug#42849] " Ludovic Courtès
2020-09-02 21:25             ` Ludovic Courtès
2020-08-30 19:51   ` [bug#42849] [PATCH 1/3] install: Factorize cow-store procedure Ludovic Courtès

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87k0xdanng.fsf@gnu.org \
    --to=ludo@gnu.org \
    --cc=42849@debbugs.gnu.org \
    --cc=othacehe@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).