[bug#64105] [PATCH] linux-container: Pass '--disable-chroot' to 'guix-daemon'.

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

* [bug#64105] [PATCH] linux-container: Pass '--disable-chroot' to 'guix-daemon'.
@ 2023-06-16  8:55 Ludovic Courtès
  0 siblings, 0 replies; only message in thread
From: Ludovic Courtès @ 2023-06-16  8:55 UTC (permalink / raw)
  To: 64105; +Cc: Ludovic Courtès

This allows for the use of Guix within a non-privileged Docker container
produced by 'guix system image -t docker'.

* gnu/system/linux-container.scm (containerized-operating-system):
Change 'guix-configuration' to add "--disable-chroot".
---
 gnu/system/linux-container.scm | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm
index 7c45dbccaf..485baea4c5 100644
--- a/gnu/system/linux-container.scm
+++ b/gnu/system/linux-container.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2015 David Thompson <davet@gnu.org>
-;;; Copyright © 2016-2017, 2019-2022 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016-2017, 2019-2023 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2019 Arun Isaac <arunisaac@systemreboot.net>
 ;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2020 Google LLC
@@ -160,6 +160,17 @@ (define* (containerized-operating-system os mappings
                                            (nscd-configuration
                                             (inherit (service-value s))
                                             (caches %nscd-container-caches))))
+                                 ((eq? guix-service-type (service-kind s))
+                                  ;; Pass '--disable-chroot' so that
+                                  ;; guix-daemon can build thing even in
+                                  ;; Docker without '--privileged'.
+                                  (service guix-service-type
+                                           (guix-configuration
+                                            (inherit (service-value s))
+                                            (extra-options
+                                             (cons "--disable-chroot"
+                                                   (guix-configuration-extra-options
+                                                    (service-value s)))))))
                                  (else s)))
                          (operating-system-user-services os))))
     (file-systems (append (map mapping->fs

base-commit: 31336e9f5d68512a9c1c6826bce9f17c892a2125
-- 
2.40.1





^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2023-06-16  8:56 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-06-16  8:55 [bug#64105] [PATCH] linux-container: Pass '--disable-chroot' to 'guix-daemon' Ludovic Courtès

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.