From patchwork Tue May 21 20:29:27 2019
X-Patchwork-Submitter: Arun Isaac
X-Patchwork-Id: 14048
Subject: [bug#35851] [PATCH] linux-container: Check if nscd run directory exists when container is run.
From: Arun Isaac
Date: Wed, 22 May 2019 01:59:27 +0530
Message-Id: <20190521202927.5591-1-arunisaac@systemreboot.net>

* gnu/system/linux-container.scm (containerized-operating-system):
(container-script): Check for existence of the host nscd run directory in the
container script. This check should be run when the container is started, not
when the container script is created.
[network-mappings]: Delete variable.
[nscd-run-directory, nscd-mapping]: New variables.
---
 gnu/system/linux-container.scm | 53 ++++++++++++++++++++--------------
 1 file changed, 31 insertions(+), 22 deletions(-)

diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm
index 16eee7a3cd..c1e963d047 100644
--- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -109,7 +109,10 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS." (memq (service-kind service) useless-services)) (operating-system-user-services os))) - (file-systems (append (map mapping->fs mappings) + (file-systems (append (map mapping->fs + (if shared-network? + (append %network-file-mappings mappings) + mappings)) extra-file-systems user-file-systems 
@@ -124,32 +127,33 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS." "Return a derivation of a script that runs OS as a Linux container. MAPPINGS is a list of objects that specify the files/directories that will be shared with the host system." - (define network-mappings - ;; Files to map if network is to be shared with the host - (append %network-file-mappings - (let ((nscd-run-directory "/var/run/nscd")) - (if (file-exists? nscd-run-directory) - (list (file-system-mapping - (source nscd-run-directory) - (target nscd-run-directory))) - '())))) + (define nscd-run-directory "/var/run/nscd") + + (define nscd-mapping + (file-system-mapping + (source nscd-run-directory) + (target nscd-run-directory))) (define (mountable-file-system? file-system) ;; Return #t if FILE-SYSTEM should be mounted in the container. (and (not (string=? "/" (file-system-mount-point file-system))) (file-system-needed-for-boot? file-system))) - (let* ((os (containerized-operating-system - os - (cons %store-mapping - (if shared-network? - (append network-mappings mappings) - mappings)) - #:shared-network? shared-network? - #:extra-file-systems %container-file-systems)) - (file-systems (filter mountable-file-system? - (operating-system-file-systems os))) - (specs (map file-system->spec file-systems))) + (define (os-file-system-specs os) + (map file-system->spec + (filter mountable-file-system? + (operating-system-file-systems os)))) + + (let* ((os (containerized-operating-system + os (cons %store-mapping mappings) + #:shared-network? shared-network? + #:extra-file-systems %container-file-systems)) + (nscd-os (containerized-operating-system + os (cons* nscd-mapping %store-mapping mappings) + #:shared-network? shared-network? + #:extra-file-systems %container-file-systems)) + (specs (os-file-system-specs os)) + (nscd-specs (os-file-system-specs nscd-os))) (define script (with-imported-modules (source-module-closure 
@@ -160,7 +164,12 @@ that will be shared with the host system." (gnu system file-systems) ;spec->file-system (guix build utils)) - (call-with-container (map spec->file-system '#$specs) + (call-with-container + (map spec->file-system + (if (and #$shared-network? + (file-exists? #$nscd-run-directory)) + '#$nscd-specs + '#$specs)) (lambda () (setenv "HOME" "/root") (setenv "TMPDIR" "/tmp")
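
Review bot: In the first hunk (@@ -109,7), `containerized-operating-system` now adds `%network-file-mappings` to MAPPINGS on its own when `shared-network?` is true, but the docstring visible in the hunk context still only describes EXTRA-FILE-SYSTEMS, and the commit log entry `(containerized-operating-system):` has no text. Please describe the new behaviour in both places, so a caller passing `#:shared-network?` knows that host network files are mapped into the container without being listed in MAPPINGS.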
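
Review bot: In the second hunk (@@ -124,32), the `nscd-os` initializer reads `os` after `let*` has already rebound it, so `(containerized-operating-system os (cons* nscd-mapping %store-mapping mappings) ...)` is given the already containerized system rather than the procedure's argument. The transformation is then applied a second time, with the store mapping, MAPPINGS and `%container-file-systems` passed again on top of whatever file systems the first pass left in `os`, so `nscd-specs` is not guaranteed to be `specs` plus the one nscd entry. Bind the first result under a different name, or build only the nscd spec separately and add it to `specs`, so both lists derive from the same input.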
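
Review bot: In the third hunk (@@ -160,7), the `(if (and #$shared-network? (file-exists? #$nscd-run-directory)) ...)` test has no comment saying that it is deliberately evaluated inside the generated script, which is the whole point of the change and is easy to undo in a later cleanup. Add a short comment there stating that the host directory must be checked when the container starts, not when the script is built. Since `'#$nscd-specs` and `'#$specs` embed two nearly identical quoted lists in the script, consider embedding only the single nscd spec and prepending it conditionally. Also note that `file-exists?` is true for any file type at that path; if only a directory is a valid bind-mount source here, test for a directory explicitly.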