From: "Thompson, David" <dthompson2@worcester.edu>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: guix-devel <guix-devel@gnu.org>, David Thompson <davet@gnu.org>
Subject: Re: [PATCH 15/15] scripts: Add 'container' subcommand.
Date: Mon, 26 Oct 2015 20:31:32 -0400
Message-ID: <CAJ=RwfaJrzr9Tn-NkTE33FMDZA79ALt9ZsPoC6NNGOoZ8Js46g@mail.gmail.com>
In-Reply-To: <87egkkf2dr.fsf@gnu.org>
[-- Attachment #1: Type: text/plain, Size: 55 bytes --]
Dusting this patch off. Here's a fresh patch!
- Dave
[-- Attachment #2: 0001-scripts-Add-container-subcommand.patch --]
[-- Type: text/x-diff, Size: 10095 bytes --]
From f5312c2445d774c9355c947d3c748d064740246e Mon Sep 17 00:00:00 2001
From: David Thompson <davet@gnu.org>
Date: Wed, 1 Jul 2015 20:32:07 -0400
Subject: [PATCH] scripts: Add 'container' subcommand.
* guix/scripts/container.scm: New file.
* guix/scripts/container/exec.scm: New file.
* po/guix/POTFILES.in: Add them.
* Makefile.am (MODULES): Add them.
* doc/guix.texi (Invoking guix container): New section.
---
Makefile.am | 2 +
doc/guix.texi | 54 ++++++++++++++++++++++++++
guix/scripts/container.scm | 63 ++++++++++++++++++++++++++++++
guix/scripts/container/exec.scm | 86 +++++++++++++++++++++++++++++++++++++++++
po/guix/POTFILES.in | 2 +
5 files changed, 207 insertions(+)
create mode 100644 guix/scripts/container.scm
create mode 100644 guix/scripts/container/exec.scm
diff --git a/Makefile.am b/Makefile.am
index 4f90b1d..1582af3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -128,6 +128,8 @@ MODULES = \
guix/scripts/edit.scm \
guix/scripts/size.scm \
guix/scripts/graph.scm \
+ guix/scripts/container.scm \
+ guix/scripts/container/exec.scm \
guix.scm \
$(GNU_SYSTEM_MODULES)
diff --git a/doc/guix.texi b/doc/guix.texi
index 3491cfb..271b24b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -144,6 +144,7 @@ Utilities
* Invoking guix environment:: Setting up development environments.
* Invoking guix publish:: Sharing substitutes.
* Invoking guix challenge:: Challenging substitute servers.
+* Invoking guix container:: Process isolation.
GNU Distribution
@@ -3582,6 +3583,7 @@ programming interface of Guix in a convenient way.
* Invoking guix environment:: Setting up development environments.
* Invoking guix publish:: Sharing substitutes.
* Invoking guix challenge:: Challenging substitute servers.
+* Invoking guix container:: Process isolation.
@end menu
@node Invoking guix build
@@ -4985,6 +4987,58 @@ URLs to compare to.
@end table
+@node Invoking guix container
+@section Invoking @command{guix container}
+@cindex container
+
+Note: This tool is experimental. The interface is subject to radical
+change in the future.
+
+The purpose of @command{guix container} is to manipulate processes
+running within an isolated environment, commonly known as a
+``container,'' typically created by the @command{guix environment}
+(@pxref{Invoking guix environment}) and @command{guix system container}
+(@pxref{Invoking guix system}) commands.
+
+The general syntax is:
+
+@example
+guix container @var{action} @var{options}@dots{}
+@end example
+
+@var{action} specifies the operation to perform with a container, and
+@var{options} specifies the context-specific arguments for the action.
+
+The following actions are available:
+
+@table @code
+@item exec
+Execute a command within the context of a running container.
+
+The syntax is:
+
+@example
+guix container exec @var{pid} @var{program} @var{arguments}@dots{}
+@end example
+
+@var{pid} specifies the process ID of the running container.
+@var{program} specifies an executable file name within the container's
+root file system. @var{arguments} are the additional options that will
+be passed to @var{program}.
+
+The following command launches an interactive login shell inside a
+GuixSD container, started by @command{guix system container}, and whose
+process ID is 9001:
+
+@example
+guix container exec 9001 /run/current-system/profile/bin/bash --login
+@end example
+
+Note that the @var{pid} cannot be the parent process of a container. It
+must be the container's PID 1 or one of its child processes.
+
+@end table
+
@c *********************************************************************
@node GNU Distribution
@chapter GNU Distribution
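Review bot: the @item exec text says @var{pid} "must be the container's PID 1 or one of its child processes" but never says how the reader obtains that PID or what privileges the caller needs to enter the container. A sentence on where the PID comes from and on the required privileges would make the 9001 example usable as written. It would also help to state what happens when the constraint is violated, since exec.scm only checks that /proc/PID exists. Minor: the opening "Note: This tool is experimental" paragraph could use @quotation Note so it renders as a note rather than body text.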
diff --git a/guix/scripts/container.scm b/guix/scripts/container.scm
new file mode 100644
index 0000000..cd9f345
--- /dev/null
+++ b/guix/scripts/container.scm
@@ -0,0 +1,63 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2015 David Thompson <davet@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (guix scripts container)
+ #:use-module (ice-9 match)
+ #:use-module (guix ui)
+ #:export (guix-container))
+
+(define (show-help)
+ (display (_ "Usage: guix container ACTION ARGS...
+Build and manipulate Linux containers.\n"))
+ (newline)
+ (display (_ "The valid values for ACTION are:\n"))
+ (newline)
+ (display (_ "\
+ exec execute a command inside of an existing container\n"))
+ (newline)
+ (display (_ "
+ -h, --help display this help and exit"))
+ (display (_ "
+ -V, --version display version information and exit"))
+ (newline)
+ (show-bug-report-information))
+
+(define %actions '("exec"))
+
+(define (resolve-action name)
+ (let ((module (resolve-interface
+ `(guix scripts container ,(string->symbol name))))
+ (proc (string->symbol (string-append "guix-container-" name))))
+ (module-ref module proc)))
+
+(define (guix-container . args)
+ (with-error-handling
+ (match args
+ (()
+ (format (current-error-port)
+ (_ "guix container: missing action~%")))
+ ((or ("-h") ("--help"))
+ (show-help)
+ (exit 0))
+ (("--version")
+ (show-version-and-exit "guix container"))
+ ((action args ...)
+ (if (member action %actions)
+ (apply (resolve-action action) args)
+ (format (current-error-port)
+ (_ "guix container: invalid action~%")))))))
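Review bot: in guix-container, the () clause and the invalid-action branch only format a message to (current-error-port) and then return normally, so a missing or unknown action is not reported as a failure the way the leave calls in exec.scm are. Suggest using leave in both places and including the offending action in the second message, for example "guix container: invalid action ~a~%". Also, show-help advertises "-V, --version" but the match only has a ("--version") clause, so -V falls through to the invalid-action branch; an (or ("-V") ("--version")) pattern, mirroring the help clause, would fix that. The (member action %actions) test before resolve-action is worth keeping as is: it stops a user-supplied string from being turned into an arbitrary module name.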
diff --git a/guix/scripts/container/exec.scm b/guix/scripts/container/exec.scm
new file mode 100644
index 0000000..b842fd3
--- /dev/null
+++ b/guix/scripts/container/exec.scm
@@ -0,0 +1,86 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2015 David Thompson <davet@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (guix scripts container exec)
+ #:use-module (ice-9 match)
+ #:use-module (srfi srfi-1)
+ #:use-module (srfi srfi-11)
+ #:use-module (srfi srfi-37)
+ #:use-module (guix scripts)
+ #:use-module (guix ui)
+ #:use-module (guix utils)
+ #:use-module (gnu build linux-container)
+ #:export (guix-container-exec))
+
+(define %options
+ (list (option '(#\h "help") #f #f
+ (lambda args
+ (show-help)
+ (exit 0)))
+ (option '(#\V "version") #f #f
+ (lambda args
+ (show-version-and-exit "guix container exec")))))
+
+(define (show-help)
+ (display (_ "Usage: guix container exec PID COMMAND [ARGS...]
+Execute COMMMAND within the container process PID.\n"))
+ (newline)
+ (display (_ "
+ -h, --help display this help and exit"))
+ (display (_ "
+ -V, --version display version information and exit"))
+ (newline)
+ (show-bug-report-information))
+
+(define (partition-args args)
+ "Split ARGS into two lists; one containing the arguments for this program,
+and the other containing arguments for the command to be executed."
+ (break (lambda (arg)
+ ;; Split after the pid argument.
+ (not (false-if-exception (string->number arg))))
+ args))
+
+(define (guix-container-exec . args)
+ (define (handle-argument arg result)
+ (if (assoc-ref result 'pid)
+ (leave (_ "~a: extraneous argument~%") arg)
+ (alist-cons 'pid (string->number* arg) result)))
+
+ (with-error-handling
+ (let-values (((args command) (partition-args args)))
+ (let* ((opts (parse-command-line args %options '(())
+ #:argument-handler
+ handle-argument))
+ (pid (assoc-ref opts 'pid)))
+
+ (unless pid
+ (leave (_ "no pid specified~%")))
+
+ (when (null? command)
+ (leave (_ "no command specified~%")))
+
+ (unless (file-exists? (string-append "/proc/" (number->string pid)))
+ (leave (_ "no such process ~d~%") pid))
+
+ (let ((result (container-excursion pid
+ (lambda ()
+ (match command
+ ((program . program-args)
+ (apply execlp program program program-args)))))))
+ (unless (zero? result)
+ (leave (_ "exec failed with status ~d~%") result)))))))
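Review bot: partition-args splits at the first argument that string->number rejects, which has two side effects. First, -h, --help and -V can never reach parse-command-line: they are non-numeric, so they end up in command, and "guix container exec --help" reports "no pid specified" instead of calling show-help, which leaves %options effectively dead. Second, anything string->number accepts is taken as the pid, including non-integers such as "1.5" or "1e3", and that value is then passed through number->string into the /proc lookup and on to container-excursion. Suggest treating the first positional argument as the pid explicitly, checking it with something like (and (exact-integer? n) (positive? n)), and letting everything after it be the command. The file-exists? test on /proc/PID only shows that some process exists, not that it belongs to a container, so the documented rule that PID must be the container's PID 1 or a child is not enforced here; either check it or say so in a comment. Typo in show-help: "COMMMAND" should be "COMMAND".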
diff --git a/po/guix/POTFILES.in b/po/guix/POTFILES.in
index 0c4e4f8..6197529 100644
--- a/po/guix/POTFILES.in
+++ b/po/guix/POTFILES.in
@@ -23,6 +23,8 @@ guix/scripts/edit.scm
guix/scripts/size.scm
guix/scripts/graph.scm
guix/scripts/challenge.scm
+guix/scripts/container.scm
+guix/scripts/container/exec.scm
guix/upstream.scm
guix/ui.scm
guix/http-client.scm
--
2.5.0