From patchwork Sun Jan 5 18:27:29 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Efraim Flashner X-Patchwork-Id: 19598 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 7CBCB179F1; Sun, 5 Jan 2020 18:29:11 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTP id 2A682179EF for ; Sun, 5 Jan 2020 18:29:11 +0000 (GMT) Received: from localhost ([::1]:44260 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ioAeE-0001nw-In for patchwork@mira.cbaines.net; Sun, 05 Jan 2020 13:29:10 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:41267) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ioAe8-0001mb-4W for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:05 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ioAe6-0006SH-Oa for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:38627) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ioAe6-0006Qx-L1 for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ioAe6-0004TN-FH for guix-patches@gnu.org; Sun, 05 Jan 2020 13:29:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#38720] [PATCH] system: linux-container: Recommend guix container Resent-From: Efraim Flashner Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 05 Jan 2020 18:29:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 38720 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Ludovic =?utf-8?q?Court=C3=A8s?= Cc: 38720@debbugs.gnu.org Received: via spool by 38720-submit@debbugs.gnu.org id=B38720.157824888817123 (code B ref 38720); Sun, 05 Jan 2020 18:29:02 +0000 Received: (at 38720) by debbugs.gnu.org; 5 Jan 2020 18:28:08 +0000 Received: from localhost ([127.0.0.1]:44600 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ioAdD-0004S6-T2 for submit@debbugs.gnu.org; Sun, 05 Jan 2020 13:28:08 -0500 Received: from flashner.co.il ([178.62.234.194]:56126) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ioAdC-0004Ra-EI for 38720@debbugs.gnu.org; Sun, 05 Jan 2020 13:28:06 -0500 Received: from localhost (unknown [141.226.13.108]) by flashner.co.il (Postfix) with ESMTPSA id 819FE4015E; Sun, 5 Jan 2020 18:28:00 +0000 (UTC) Date: Sun, 5 Jan 2020 20:27:29 +0200 From: Efraim Flashner Message-ID: <20200105182729.GA1001@E5400> References: <20191223140758.GS1115@E5400> <87v9pxzcz5.fsf@gnu.org> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <87v9pxzcz5.fsf@gnu.org> X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches On Mon, Dec 30, 2019 at 11:05:02PM +0100, Ludovic Courtès wrote: > Hi! > > Efraim Flashner skribis: > > > I've been using guix containers on foreign systems to bring some Guixy > > goodness to the unwashed sysadmins out there. When the container starts > > up it displays a message like "Run 'sudo nsenter -a -t 65698' to get a > > shell into it." Sometimes when I try to do that I'll get an error > > message back about the system's nsenter not knowing about the '-a' flag. > > I have found that using a 'guix container' command works well for me. > > Oh. I was conservative and thought that people would rather use > “standard” tools. > > > From f2cd59c9eb756e243a5a01e6cd3a6a6e58a02be6 Mon Sep 17 00:00:00 2001 > > From: Efraim Flashner > > Date: Mon, 23 Dec 2019 16:05:04 +0200 > > Subject: [PATCH] system: linux-container: Recommend guix container. > > > > * gnu/system/linux-container.scm (container-script)[script]: Recommend > > using 'guix container' to get a shell inside the running container. > > [...] > > > - ;; XXX: Should we recommend 'guix container exec'? It's more > > - ;; verbose and doesn't bring much. > > - (info (G_ "Run 'sudo nsenter -a -t ~a' to get a shell into it.~%") > > + (info (G_ "Run 'sudo guix container exec ~a /run/current-system/profile/bin/bash --login' to get a shell into it.~%") > > pid) > > The comment is still correct: “guix container exec” is more verbose. > :-) I can update the comment :) > Should we change it so that “guix container exec PID” without additional > arguments runs /bin/sh by default, or something like that? I've never really used docker, but I'm pretty sure when you enter a docker container you also need to give it the path to a binary you want to run. I've thought about it a bit and now it displays this: (ins)efraim@E5400 ~/workspace/guix$ sudo /gnu/store/7l5qdb0lw4bbghd17cam8pzdaz86zd3l-run-container system container is running as PID 13663 Run 'sudo guix container exec 13663 /run/current-system/profile/bin/bash --login' or run 'sudo nsenter -a -t 13663' to get a shell into it. making '/gnu/store/8rrwm6wdyzl5i4g38va29azxki412nkr-system' the current system... setting up setuid programs in '/run/setuid-programs'... populating /etc from /gnu/store/lvxrcy913ga9g4sg549kk06krb8bbq6m-etc... I think I like it like this with both options. diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index 2ab679ff3f..c8807398b3 100644 --- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2015 David Thompson ;;; Copyright © 2016, 2017, 2019 Ludovic Courtès ;;; Copyright © 2019 Arun Isaac +;;; Copyright © 2020 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -194,11 +195,13 @@ that will be shared with the host system." (define (explain pid) ;; XXX: We can't quite call 'bindtextdomain' so there's actually ;; no i18n. + ;; XXX: Should we really give both options? 'guix container exec' + ;; is a more verbose command. Hard to fail to enter the container + ;; when we list two options. (info (G_ "system container is running as PID ~a~%") pid) - ;; XXX: Should we recommend 'guix container exec'? It's more - ;; verbose and doesn't bring much. - (info (G_ "Run 'sudo nsenter -a -t ~a' to get a shell into it.~%") + (info (G_ "Run 'sudo guix container exec ~a /run/current-system/profile/bin/bash --login'\n") pid) + (info (G_ "or run 'sudo nsenter -a -t ~a' to get a shell into it.~%") pid) (newline (guix-warning-port))) (call-with-container file-systems