unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed
* [bug#35851] [PATCH] linux-container: Check if nscd run directory exists when container is run.
@ 2019-05-21 20:29 Arun Isaac
  2019-05-24 16:02 ` Ludovic Courtès
  0 siblings, 1 reply; 3+ messages in thread
From: Arun Isaac @ 2019-05-21 20:29 UTC (permalink / raw)
  To: 35851

* gnu/system/linux-container.scm (containerized-operating-system):
(container-script): Check for existence of the host nscd run directory in the
container script. This check should be run when the container is started, not
when the container script is created.
[network-mappings]: Delete variable.
[nscd-run-directory, nscd-mapping]: New variables.
---
 gnu/system/linux-container.scm | 53 ++++++++++++++++++++--------------
 1 file changed, 31 insertions(+), 22 deletions(-)

diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm
index 16eee7a3cd..c1e963d047 100644
--- a/gnu/system/linux-container.scm
+++ b/gnu/system/linux-container.scm
@@ -109,7 +109,10 @@ containerized OS.  EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
                         (memq (service-kind service)
                               useless-services))
                       (operating-system-user-services os)))
-    (file-systems (append (map mapping->fs mappings)
+    (file-systems (append (map mapping->fs
+                               (if shared-network?
+                                   (append %network-file-mappings mappings)
+                                   mappings))
                           extra-file-systems
                           user-file-systems
 
@@ -124,32 +127,33 @@ containerized OS.  EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
   "Return a derivation of a script that runs OS as a Linux container.
 MAPPINGS is a list of <file-system> objects that specify the files/directories
 that will be shared with the host system."
-  (define network-mappings
-    ;; Files to map if network is to be shared with the host
-    (append %network-file-mappings
-            (let ((nscd-run-directory "/var/run/nscd"))
-              (if (file-exists? nscd-run-directory)
-                  (list (file-system-mapping
-                         (source nscd-run-directory)
-                         (target nscd-run-directory)))
-                  '()))))
+  (define nscd-run-directory "/var/run/nscd")
+
+  (define nscd-mapping
+    (file-system-mapping
+     (source nscd-run-directory)
+     (target nscd-run-directory)))
 
   (define (mountable-file-system? file-system)
     ;; Return #t if FILE-SYSTEM should be mounted in the container.
     (and (not (string=? "/" (file-system-mount-point file-system)))
          (file-system-needed-for-boot? file-system)))
 
-  (let* ((os           (containerized-operating-system
-                        os
-                        (cons %store-mapping
-                              (if shared-network?
-                                  (append network-mappings mappings)
-                                  mappings))
-                        #:shared-network? shared-network?
-                        #:extra-file-systems %container-file-systems))
-         (file-systems (filter mountable-file-system?
-                               (operating-system-file-systems os)))
-         (specs        (map file-system->spec file-systems)))
+  (define (os-file-system-specs os)
+    (map file-system->spec
+         (filter mountable-file-system?
+                 (operating-system-file-systems os))))
+
+  (let* ((os (containerized-operating-system
+              os (cons %store-mapping mappings)
+              #:shared-network? shared-network?
+              #:extra-file-systems %container-file-systems))
+         (nscd-os (containerized-operating-system
+                   os (cons* nscd-mapping %store-mapping mappings)
+                   #:shared-network? shared-network?
+                   #:extra-file-systems %container-file-systems))
+         (specs (os-file-system-specs os))
+         (nscd-specs (os-file-system-specs nscd-os)))
 
     (define script
       (with-imported-modules (source-module-closure
@@ -160,7 +164,12 @@ that will be shared with the host system."
                          (gnu system file-systems) ;spec->file-system
                          (guix build utils))
 
-            (call-with-container (map spec->file-system '#$specs)
+            (call-with-container
+                (map spec->file-system
+                     (if (and #$shared-network?
+                              (file-exists? #$nscd-run-directory))
+                         '#$nscd-specs
+                         '#$specs))
               (lambda ()
                 (setenv "HOME" "/root")
                 (setenv "TMPDIR" "/tmp")
-- 
2.21.0

^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-05-25  6:03 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-05-21 20:29 [bug#35851] [PATCH] linux-container: Check if nscd run directory exists when container is run Arun Isaac
2019-05-24 16:02 ` Ludovic Courtès
2019-05-25  6:01   ` bug#35851: " Arun Isaac

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).