Subject: [bug#42849] [PATCH 3/3] installer: Run the installation inside a container.
From: Mathieu Othacehe
To: Ludovic Courtès
Cc: 42849@debbugs.gnu.org
Date: Mon, 31 Aug 2020 08:44:29 +0200
Message-ID: <87a6ybiab6.fsf@gnu.org>
In-Reply-To: <87eennhnpz.fsf@gnu.org> (Ludovic Courtès's message of "Sun, 30 Aug 2020 22:40:08 +0200")
References: <20200813123419.263639-1-othacehe@gnu.org> <20200813123419.263639-3-othacehe@gnu.org> <87eennhnpz.fsf@gnu.org>

> Should ‘mount-cow-store’ also make an overlay for /var/guix/db?  That
> way, changes to that directory would go to /mnt/var/guix/db and the
> original database would remain unchanged.

I took the lazy path because it's just one file that stays reasonably
small. Adding an extra overlay for /var/guix/db would make sense here.

> Hmm, that seems quite complex, and it’s not great that we have to tweak
> guix-daemon-service “just” for this.

Yes, I can't say I'm satisfied with all of this, but I've been trying
different angles for this problem for months, with no proper outcome.

> Is there a way we can identify processes that have open overlay files,
> so we could terminate them?

That's the current approach, but it breaks very often because kmscon,
udev or any other process that can't be killed opens an overlay file.
I'd really like to avoid relying on this kind of solution.

> Alternately, something that might simplify the code would be to always
> run guix-daemon in a separate mount namespace.  We could add a
> ‘fork+exec-command/container’ procedure in (gnu build shepherd) to help
> with that.
>
> That way, all we’d need to do is to run ‘guix system init’ in that same
> mount namespace, which can be achieved using ‘container-excursion’.

Yes, I tried that at first but there's a catch. While running guix-daemon
in its own mount namespace, it won't 'see' the mounted file-systems such
as /mnt. So that would mean that we would have to spawn a containerized
process that would:

* Join guix-daemon mnt namespace
* Call "with-mounted-partitions"
* Mount the cow-store
* Run 'guix system init'

In the end it still seems overly complex, but I can give it another try.
WDYT?

Thanks a lot for reviewing this!

Mathieu
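
Added example, not part of the original message and not Guix code: a Python sketch (Python rather than Guile, so it runs stand-alone) that compares two `/proc/<pid>/mountinfo` snapshots to show the "catch" described above, namely which mounts one namespace lacks and whether a new mount such as /mnt would propagate into it. The sample snapshots are constructed, and the function names are hypothetical; the private versus slave propagation settings are assumptions used for illustration, not a statement of how guix-daemon is configured.

```python
# Constructed mountinfo samples (not captured from a real system).
INSTALLER_NS = """\
21 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
30 21 0:25 / /gnu/store rw,relatime shared:2 - overlay none rw
41 21 8:2 / /mnt rw,relatime shared:3 - ext4 /dev/sda2 rw
"""
# Daemon namespace with private mounts: no peer-group tags at all.
DAEMON_NS_PRIVATE = """\
121 100 8:1 / / rw,relatime - ext4 /dev/sda1 rw
130 121 0:25 / /gnu/store rw,relatime - overlay none rw
"""
# Daemon namespace whose mounts are slaves of the installer's peer groups.
DAEMON_NS_SLAVE = """\
121 100 8:1 / / rw,relatime master:1 - ext4 /dev/sda1 rw
130 121 0:25 / /gnu/store rw,relatime master:2 - overlay none rw
"""

def parse_mountinfo(text):
    """Map mount point -> fstype, source and propagation tags."""
    mounts = {}
    for line in text.strip().splitlines():
        f = line.split()
        sep = f.index("-")  # optional fields (shared:N, master:N) end at "-"
        tags = dict(t.split(":", 1) for t in f[6:sep] if ":" in t)
        mounts[f[4]] = {"fstype": f[sep + 1], "source": f[sep + 2], "tags": tags}
    return mounts

def missing_mounts(seen_text, other_text):
    """Mount points present in the first namespace but absent from the second."""
    seen, other = parse_mountinfo(seen_text), parse_mountinfo(other_text)
    return sorted(mp for mp in seen if mp not in other)

def parent_mount(mounts, path):
    """Longest mount point that is a strict ancestor of path."""
    best = None
    for mp in mounts:
        if mp != path and (mp == "/" or path.startswith(mp + "/")):
            if best is None or len(mp) > len(best):
                best = mp
    return best

def receives_propagation(src_text, dst_text, path):
    """Would a new mount at path in src appear in dst (same peer group or slave)?"""
    src, dst = parse_mountinfo(src_text), parse_mountinfo(dst_text)
    parent = parent_mount(src, path)
    group = src[parent]["tags"].get("shared") if parent else None
    if group is None or parent not in dst:
        return False
    tags = dst[parent]["tags"]
    return group in (tags.get("shared"), tags.get("master"))
```

On a live system the two inputs would be the contents of `/proc/<pid>/mountinfo` for the installer process and for the daemon process.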