From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:470:142:3::10]:46524) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1ha4Xy-0002Gm-8d for guix-patches@gnu.org; Sun, 09 Jun 2019 16:36:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ha4Xx-0007kK-4m for guix-patches@gnu.org; Sun, 09 Jun 2019 16:36:10 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:41924) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ha4Xq-0007fA-LV for guix-patches@gnu.org; Sun, 09 Jun 2019 16:36:06 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ha4Xq-0002vR-F7 for guix-patches@gnu.org; Sun, 09 Jun 2019 16:36:02 -0400 Subject: [bug#35895] [PATCH] linux-container: Remove networking service when network is shared with host. Resent-Message-ID: From: Arun Isaac In-Reply-To: <20190603191031.7e751c2a@scratchpost.org> References: <20190525070113.5576-1-arunisaac@systemreboot.net> <20190525072030.7739-1-arunisaac@systemreboot.net> <8736l2iuao.fsf@cbaines.net> <20190603191031.7e751c2a@scratchpost.org> Date: Mon, 10 Jun 2019 02:05:08 +0530 Message-ID: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Danny Milosavljevic , Christopher Baines Cc: 35895@debbugs.gnu.org --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain Thank you both for the review. I have made the suggested changes. Please find attached an updated patch. In the future, please address me in the Cc or To fields so that I take note sooner. I found your mails only a couple of days ago while going through all my unread mails. :-( --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-linux-container-Remove-networking-service-when-netwo.patch Content-Transfer-Encoding: quoted-printable From=20a7b795d9af3347330b48470d3988d43b8038c2c1 Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Sat, 25 May 2019 11:49:42 +0530 Subject: [PATCH] linux-container: Remove networking service when network is shared with host. * gnu/system/linux-container.scm (dummy-networking-shepherd-service): New procedure. (dummy-networking-service-type): New variable. (containerized-operating-system): If network is shared with host, replace static-networking-service-type with dummy-networking-service-type. =2D-- gnu/system/linux-container.scm | 36 +++++++++++++++++++++++++++++----- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index c1e963d047..95b56b6f4f 100644 =2D-- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -30,6 +30,7 @@ #:use-module (gnu build linux-container) #:use-module (gnu services) #:use-module (gnu services base) + #:use-module (gnu services shepherd) #:use-module (gnu system) #:use-module (gnu system file-systems) #:export (system-container @@ -65,6 +66,22 @@ from OS that are needed on the bare metal and not in a c= ontainer." files))) base))) =20 +(define dummy-networking-shepherd-service + (shepherd-service + (documentation "Provide loopback and networking without actually doing +anything.") + (provision '(loopback networking)) + (start #~(const #t)))) + +(define dummy-networking-service-type + (service-type + (name 'dummy-networking) + (extensions + (list (service-extension + shepherd-root-service-type + (const (list dummy-networking-shepherd-service))))) + (default-value #f))) + (define* (containerized-operating-system os mappings #:key shared-network? @@ -96,7 +113,8 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file = systems to add to OS." agetty-service-type) ;; Remove nscd service if network is shared with the host. (if shared-network? =2D (list nscd-service-type) + (list nscd-service-type + static-networking-service-type) (list)))) =20 (operating-system @@ -105,10 +123,18 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of fi= le systems to add to OS." (essential-services (container-essential-services this-operating-system #:shared-network? shared-network?)) =2D (services (remove (lambda (service) =2D (memq (service-kind service) =2D useless-services)) =2D (operating-system-user-services os))) + (services (append + (remove (lambda (service) + (memq (service-kind service) + useless-services)) + (operating-system-user-services os)) + ;; Many Guix services depend on a 'networking' shepherd + ;; service, so make sure to provide a dummy 'networking' + ;; service when we are sure that networking is already set = up + ;; in the host and can be used. That prevents double setup. + (if shared-network? + (list (service dummy-networking-service-type)) + (list)))) (file-systems (append (map mapping->fs (if shared-network? (append %network-file-mappings mappings) =2D-=20 2.21.0 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEf3MDQ/Lwnzx3v3nTLiXui2GAK7MFAlz9bX0ACgkQLiXui2GA K7ORXwf9F1mzSt5rFo0xM5IzoaKdmaqaqfJ5nZYGwHlFA/x8f1g0dVWoWoolHqyg v4vZd7MStjHh/GQRZDwXSst/QB3fCO+HFTylkYUdE622vIU0tJJudbSzETLgoYTN ExRb3mVs/HLxDkldVNXfOlRm6MdmxJh9rIUL6yXVbw1lvf3ct9so+13IxN9oBvwa bA2EDAh4oRdaYOxO7AV+LhzbL2DtRa4ZAKO1pkun6kUukP63IEENoC5Qu3DCMgd2 OG6Ih3IRA8i6ggji6XsnC5+4+NdoP8B6dutFbsYVNabS4yCCLXgBfQZyt490YHQ2 ituukuI/esabi9kR4FHpNj/s3QVLdQ== =wkT1 -----END PGP SIGNATURE----- --==-=-=--