From: Andrew Tropin <andrew@trop.in>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 54377@debbugs.gnu.org
Subject: [bug#54377] [PATCH 3/3] guix home: Add 'container' command.
Date: Sat, 19 Mar 2022 08:09:59 +0300 [thread overview]
Message-ID: <87y216h6jc.fsf@trop.in> (raw)
In-Reply-To: <87v8wbqto9.fsf@gnu.org>
[-- Attachment #1: Type: text/plain, Size: 4395 bytes --]
On 2022-03-18 14:25, Ludovic Courtès wrote:
> Hi Andrew,
>
> Andrew Tropin <andrew@trop.in> skribis:
>
>>> +For example, this is how you would start an interactive shell in a
>>
>> s/interactive/login ?
>>
>> or interactive login shell
>
> Yeah. I thought that as a user, what matters is that it’s interactive;
> the fact that it’s a “login shell” is more of an implementation detail,
> and too few people understand what that means anyway. :-)
>
> [...]
>
>>> +Additionally, you can run a command in that container, instead of
>>> +spawning an interactive shell. For instance, here is how you would
>>
>> In fact the sentence is correct, but gives a feeling that the shell
>> won't be executed at all. Don't know if we need to change it somehow.
>
> I agree that the sentence is an approximation of how it does things, but
> hopefully it gives a good idea of what it.
>
>>> + (display (G_ "
>>> + -N, --network allow containers to access the network"))
>>
>> Is plural form intended?
>
> (Copied from environment.scm.) I think it’s grammatically OK.
>
>>> +(define (user-shell)
>>> + (match (and=> (or (getenv "SHELL")
>>
>> Be aware that in some cases $SHELL can differ from the value in
>> /etc/passwd. For example I set SHELL to the full path to zsh and all
>> interactive non-login shells are zsh for me, but my login shell is bash.
>
> Agreed, that’s why I thought $SHELL should take precedence. (I used
> “SHELL=zsh guix home container …” and similar to test other shells.)
>
IIRC, $SHELL must contain a full path
https://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html
If we want to control a shell type inside container it probably should
be a different variable, like GUIX_CONTAINER_SHELL=zsh.
>>> + (passwd:shell (getpwuid (getuid))))
>>> + basename)
>>> + ("zsh" (file-append zsh "/bin/zsh"))
>>> + ("fish" (file-append fish "/bin/fish"))
>>> + ("gash" (file-append gash "/bin/gash"))
>>> + (_ (file-append bash "/bin/bash"))))
>>
>> Why we use hardcoded shell packages?
>
> For reproducibility.
>
> Initially I thought about using the actual $SHELL (as long as it’s in
> the store). However, that would make ‘guix home container’ stateful:
> it’d provide different results depending on the environment.
>
> I thought we’d rather avoid that.
>
What I meant by previous comment: to match a real state of the things
it's better to use a shell from /etc/passwd, because it will be launched
on user login and will read env vars and run all the following
processes, but to make it more reproducible and independent from system
state I think we always have to use hardcoded bash and inside the
container inspect the value of $SHELL set by login shell (hardcoded
bash) and spawn new shell if $SHELL is NOT empty.
>> 1. The will be built in case user use a zsh-patched for example.
>
> That’s the downside, yes.
>
> I don’t have a good answer to that. I guess I value reproducibility
> more than customization in this case.
>
> Perhaps we could eventually add a ‘--shell’ option or similar if that
> helps, though. WDYT?
>
I don't think we need such customization. User can spawn nested shell
himself from home profile by `-- zsh` or if we inspect $SHELL and use it
value inside container it will be spawned automatically.
>>> + (when term
>>> + ;; Preserve TERM for proper interactive use.
>>> + (setenv "TERM" term))
>>
>> Just a note: the shell can missbehave if terminfo files for current TERM
>> isn't present in the container (for example terminal package was removed
>> from home profile). Idk how to properly cover this, but just letting
>> you know. We can use TERM=dumb, but I'm not sure if it worth it.
>
> Good point. In my tests preserving TERM was good enough for
> Bash/Readline, Zsh, and less (all from an xterm). I suppose problems
> could happen with fancy curses apps and the like.
>
>> Very cool feature! Looking forward to add it to my workflow.
>
> Glad you like it! It makes it easier to test new features or services,
> much like using ‘guix system vm’ when testing Guix System changes.
>
> Thanks for taking the time to review!
Sure!)
--
Best regards,
Andrew Tropin
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 853 bytes --]
next prev parent reply other threads:[~2022-03-19 5:11 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-13 21:52 [bug#54377] [PATCH 0/3] Add 'guix home container' Ludovic Courtès
2022-03-13 21:54 ` [bug#54377] [PATCH 1/3] linux-container: 'eval/container' honors #:namespaces Ludovic Courtès
2022-03-13 21:54 ` [bug#54377] [PATCH 2/3] linux-container: Add #:guest-uid and #:guest-gid to 'eval/container' Ludovic Courtès
2022-03-13 21:54 ` [bug#54377] [PATCH 3/3] guix home: Add 'container' command Ludovic Courtès
2022-03-17 6:24 ` Andrew Tropin
2022-03-18 13:25 ` Ludovic Courtès
2022-03-19 5:09 ` Andrew Tropin [this message]
2022-03-19 10:39 ` [bug#54377] [PATCH 0/3] Add 'guix home container' Ludovic Courtès
2022-03-19 15:03 ` Andrew Tropin
2022-03-19 18:24 ` bug#54377: " Ludovic Courtès
2022-03-17 15:01 ` [bug#54377] " Frank Pursel
2022-03-19 10:32 ` Ludovic Courtès
2022-03-23 3:06 ` Frank Pursel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y216h6jc.fsf@trop.in \
--to=andrew@trop.in \
--cc=54377@debbugs.gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).