From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:470:142:3::10]:41267) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ioAe8-0001mb-4W for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:05 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ioAe6-0006SH-Oa for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:38627) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ioAe6-0006Qx-L1 for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ioAe6-0004TN-FH for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:02 -0500 Subject: [bug#38720] [PATCH] system: linux-container: Recommend guix container Resent-Message-ID: Date: Sun, 5 Jan 2020 20:27:29 +0200 From: Efraim Flashner Message-ID: <20200105182729.GA1001@E5400> References: <20191223140758.GS1115@E5400> <87v9pxzcz5.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qlTNgmc+xy1dBmNv" Content-Disposition: inline In-Reply-To: <87v9pxzcz5.fsf@gnu.org> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 38720@debbugs.gnu.org --qlTNgmc+xy1dBmNv Content-Type: multipart/mixed; boundary="0F1p//8PRICkK4MW" Content-Disposition: inline --0F1p//8PRICkK4MW Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Dec 30, 2019 at 11:05:02PM +0100, Ludovic Court=C3=A8s wrote: > Hi! >=20 > Efraim Flashner skribis: >=20 > > I've been using guix containers on foreign systems to bring some Guixy > > goodness to the unwashed sysadmins out there. When the container starts > > up it displays a message like "Run 'sudo nsenter -a -t 65698' to get a > > shell into it." Sometimes when I try to do that I'll get an error > > message back about the system's nsenter not knowing about the '-a' flag. > > I have found that using a 'guix container' command works well for me. >=20 > Oh. I was conservative and thought that people would rather use > =E2=80=9Cstandard=E2=80=9D tools. >=20 > > From f2cd59c9eb756e243a5a01e6cd3a6a6e58a02be6 Mon Sep 17 00:00:00 2001 > > From: Efraim Flashner > > Date: Mon, 23 Dec 2019 16:05:04 +0200 > > Subject: [PATCH] system: linux-container: Recommend guix container. > > > > * gnu/system/linux-container.scm (container-script)[script]: Recommend > > using 'guix container' to get a shell inside the running container. >=20 > [...] >=20 > > - ;; XXX: Should we recommend 'guix container exec'? It's= more > > - ;; verbose and doesn't bring much. > > - (info (G_ "Run 'sudo nsenter -a -t ~a' to get a shell in= to it.~%") > > + (info (G_ "Run 'sudo guix container exec ~a /run/current= -system/profile/bin/bash --login' to get a shell into it.~%") > > pid) >=20 > The comment is still correct: =E2=80=9Cguix container exec=E2=80=9D is mo= re verbose. > :-) I can update the comment :) > Should we change it so that =E2=80=9Cguix container exec PID=E2=80=9D wit= hout additional > arguments runs /bin/sh by default, or something like that? I've never really used docker, but I'm pretty sure when you enter a docker container you also need to give it the path to a binary you want to run. I've thought about it a bit and now it displays this: (ins)efraim@E5400 ~/workspace/guix$ sudo /gnu/store/7l5qdb0lw4bbghd17cam8pz= daz86zd3l-run-container system container is running as PID 13663 Run 'sudo guix container exec 13663 /run/current-system/profile/bin/bash --= login' or run 'sudo nsenter -a -t 13663' to get a shell into it. making '/gnu/store/8rrwm6wdyzl5i4g38va29azxki412nkr-system' the current sys= tem... setting up setuid programs in '/run/setuid-programs'... populating /etc from /gnu/store/lvxrcy913ga9g4sg549kk06krb8bbq6m-etc... I think I like it like this with both options. --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --0F1p//8PRICkK4MW Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="0001-system-linux-container-Recommend-guix-container.patch" Content-Transfer-Encoding: quoted-printable =46rom 1e85542ad6de76f761a366ba8d83f61b63789384 Mon Sep 17 00:00:00 2001 =46rom: Efraim Flashner Date: Mon, 23 Dec 2019 16:05:04 +0200 Subject: [PATCH] system: linux-container: Recommend guix container. * gnu/system/linux-container.scm (container-script)[script]: Recommend using 'guix container' to get a shell inside the running container. --- gnu/system/linux-container.scm | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index 2ab679ff3f..c8807398b3 100644 --- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -2,6 +2,7 @@ ;;; Copyright =C2=A9 2015 David Thompson ;;; Copyright =C2=A9 2016, 2017, 2019 Ludovic Court=C3=A8s ;;; Copyright =C2=A9 2019 Arun Isaac +;;; Copyright =C2=A9 2020 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -194,11 +195,13 @@ that will be shared with the host system." (define (explain pid) ;; XXX: We can't quite call 'bindtextdomain' so there's actu= ally ;; no i18n. + ;; XXX: Should we really give both options? 'guix container = exec' + ;; is a more verbose command. Hard to fail to enter the con= tainer + ;; when we list two options. (info (G_ "system container is running as PID ~a~%") pid) - ;; XXX: Should we recommend 'guix container exec'? It's more - ;; verbose and doesn't bring much. - (info (G_ "Run 'sudo nsenter -a -t ~a' to get a shell into i= t.~%") + (info (G_ "Run 'sudo guix container exec ~a /run/current-sys= tem/profile/bin/bash --login'\n") pid) + (info (G_ "or run 'sudo nsenter -a -t ~a' to get a shell int= o it.~%") pid) (newline (guix-warning-port))) =20 (call-with-container file-systems --=20 2.24.1 --0F1p//8PRICkK4MW-- --qlTNgmc+xy1dBmNv Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl4SKpEACgkQQarn3Mo9 g1HObQ/7BmotOb48v1KtCLks782FIs2BIWc5dKBh0R5iHlob4/L6Bchu2a0rf7vh WZOzzxlHHZlFwva6kYw9R1Jrm6FF4M0eit8yfkNmTC9SCgxIiCDZwzimAFCd5gJs t1fV0xLZ0R/y4nVjXHFmE37sDvkm7j++D3nq/I2eEf+X3c3IpHKon99XaubEzYr4 zCNo2PqKtleYrn3Vp/fHl/3g/KhoRxzb2dtpcRWTy0pby5f9XORovdgKwBbMkCRu EX11/VH9isRm7Dlb/aZCT1swpPMod9Sk/bmCaxaM/k/OWImmY5TCoCX5GyIuL2/8 oh6ZgaYd8VvUkaZtjsxCPAfpzhId73pbMSJhAKKMsvjg5elc/o/tCcH1o7u99Tlb //PMN/W9zGTtIuST4gu83fU8EQflmsW0+7Qr7PefjZ96iW2f7Gr+vt2AqM/8woPg MdvqGeq+n1AkZLvHTZV1nni9wrzFCDWvcyF1YAHxF9vY/6kF70riay0cB5W4npXQ y8B5MPVL1IpjUhcJ2lcKusQNbfUIfkMr2jVlHGjm6bu4IHXCYYA1EMKLhIPOBLe8 bnAZ3BqxUB4KO3LHlTpUa0uyjlgSc1waFiq9p1S7TEhf6RLumz9ry/ONC2xXAE29 9bZi0vuBgIy+W1ztxgGlVkyxdCGzptx3mKfC8cHQqTTA/p0ijZ0= =0OHu -----END PGP SIGNATURE----- --qlTNgmc+xy1dBmNv--