From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([209.51.188.92]:59672)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hHURO-0004TU-29
	for guix-patches@gnu.org; Fri, 19 Apr 2019 10:24:35 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hHUK7-0001h4-QF
	for guix-patches@gnu.org; Fri, 19 Apr 2019 10:17:04 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:59122)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hHUK6-0001dw-6c
	for guix-patches@gnu.org; Fri, 19 Apr 2019 10:17:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hHUK5-0002kW-Py
	for guix-patches@gnu.org; Fri, 19 Apr 2019 10:17:01 -0400
Subject: [bug#34638] [PATCH 2/4] linux-container: Add
	'start-child-in-container'.
Resent-Message-ID: <handler.34638.B34638.155568341110547@debbugs.gnu.org>
References: <20190224161855.2632-1-mail@cbaines.net>
	<20190224161855.2632-2-mail@cbaines.net> <87lg1hiam0.fsf@gnu.org>
From: Christopher Baines <mail@cbaines.net>
In-reply-to: <87lg1hiam0.fsf@gnu.org>
Date: Fri, 19 Apr 2019 15:16:40 +0100
Message-ID: <87pnpit707.fsf@cbaines.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha512; protocol="application/pgp-signature"
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: 34638@debbugs.gnu.org

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Ludovic Court=C3=A8s <ludo@gnu.org> writes:

> Hello!
>
> Christopher Baines <mail@cbaines.net> skribis:
>
>> This new procedure is similar to open-pipe* in (ice-9 popen), but using
>> run-container from (gnu build linux-container).
>>
>> * gnu/build/linux-container.scm (start-child-in-container): New procedur=
e.
>
> [...]
>
>  +(define* (start-child-in-container command
>> +                                   #:key read? write?
>> +                                   (root 'temporary)
>> +                                   (mounts '())
>> +                                   (namespaces %namespaces)
>> +                                   (host-uids 1)
>> +                                   (extra-environment-variables '()))
>
> We could even call that =E2=80=98open-pipe/container=E2=80=99, for clarit=
y.

I've made some changes (see below) that move this a little further away
from open-pipe in terms of behaviour now.

>> +  (define (with-root-directory f)
>> +    (if (eq? root 'temporary)
>> +        (call-with-temporary-directory f)
>> +        (f root)))
>> +
>> +  ;; (ice-9 popen) internals
>> +  (define make-rw-port (@@ (ice-9 popen) make-rw-port))
>> +  (define pipe-guardian (@@ (ice-9 popen) pipe-guardian))
>> +  (define make-pipe-info (@@ (ice-9 popen) make-pipe-info))
>
> So this is the funky part.  ;-)
>
> What if we did something like:
>
>   (call-with-container mounts
>     (lambda ()
>       ;; Somehow act as a proxy between the output process
>       ;; and the one spawned by =E2=80=98open-pipe*=E2=80=99.
>       (open-pipe* =E2=80=A6)))
>
> ?  Would that work?
>
> That=E2=80=99s create an extra process, but if it works, it=E2=80=99s pro=
bably safer and
> a lesser maintenance burden.
>
> Now, I think that Guile should expose some of the popen internals
> somehow so we can do things like you did, but that=E2=80=99s another stor=
y.

I'm hesitant to try that, as the additional process in the middle seems
a bit awkward to me.

I've made another pass over the code, removed all the uses of (ice-9
popen) internals, and sent another set of patches. For the make-rw-port
function, I just copied that over. The pipe-guardian isn't being used
now, and instead of returning a <pipe-info> record, the port and pid are
returned instead. This works with the inferior use case, as the close
function provided to port->inferior does the right thing, closing the
port and then waiting for the child process to exit, just like popen.

I'm still more interested in getting something working than it being
perfect in any particular way, but let me know what you think.

Thanks,

Chris

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAly52EhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE
9XfZTw/6A8MgyDllG42QeJT5f/qXG9mee6q8edCLQHBTytq9Mzv3RRr20uJ4jIoz
xc8AYRsTO8niCgU6CquAIbz1eR/koz4xo753qlo1grQYj/M71VpI5lQkukyPhcX6
ZcCZPDXWxrz/wiYlbhVB813B6rP8DLo7wxK9StB3ybQk4kkI8+lR9b69nteyXa/B
YoV3L8CG+jiuvyRokTcNytpj3GJjv+Xiy9hOVPe9B1Oken76kIpqmc14kV2341Ih
8o+T29vuHS+0dlTz5ovVtvGp5QIK5tKBR0jZingiN60tSCqgrY7AouEGMAM+V1S4
Z+QLGqk+boLKhFIZgseT3Tn66OIiO12J7SPPyLhyBLU8dUa3r8oYFVlmQFWVsiK7
RDLTot0C2+MDOooCtA+Kam33IAppD1DZY3AImbMut7ZzXVwTOMdaCgzRLP8acn3X
lZlURvieJkzAiQFDIKYnicbqnDFdXoH8tm997tb98giu8Ruf7YiaT1aHM5u2iGsT
Hh1uFEWnlaW+Y09fLFdsPhJBH4ovoESvT1TuxZqbYF3FtRTdhlQ4daUYx49Zf04+
5fNdzX79mFPUXygc0PZ+v8+mQ4vwOUQS02giBS63igBWseb6ObzR/gA/mjLwRJ+w
qYb7A9gUURe9aXC47AoL92lxFL+xfmTAPDFyi4LAMS1WQFtaEuk=
=0lHn
-----END PGP SIGNATURE-----
--=-=-=--