[bug#34638] [PATCH 2/4] linux-container: Add 'start-child-in-container'.

["Ludovic Courtès" <ludo@gnu.org>]

Hello!

Christopher Baines <mail@cbaines.net> skribis:

> This new procedure is similar to open-pipe* in (ice-9 popen), but using
> run-container from (gnu build linux-container).
>
> * gnu/build/linux-container.scm (start-child-in-container): New procedure.

[...]

 +(define* (start-child-in-container command
> +                                   #:key read? write?
> +                                   (root 'temporary)
> +                                   (mounts '())
> +                                   (namespaces %namespaces)
> +                                   (host-uids 1)
> +                                   (extra-environment-variables '()))

We could even call that ‘open-pipe/container’, for clarity.

> +  (define (with-root-directory f)
> +    (if (eq? root 'temporary)
> +        (call-with-temporary-directory f)
> +        (f root)))
> +
> +  ;; (ice-9 popen) internals
> +  (define make-rw-port (@@ (ice-9 popen) make-rw-port))
> +  (define pipe-guardian (@@ (ice-9 popen) pipe-guardian))
> +  (define make-pipe-info (@@ (ice-9 popen) make-pipe-info))

So this is the funky part.  ;-)

What if we did something like:

  (call-with-container mounts
    (lambda ()
      ;; Somehow act as a proxy between the output process
      ;; and the one spawned by ‘open-pipe*’.
      (open-pipe* …)))

?  Would that work?

That’s create an extra process, but if it works, it’s probably safer and
a lesser maintenance burden.

Now, I think that Guile should expose some of the popen internals
somehow so we can do things like you did, but that’s another story.

Ludo’.