From patchwork Sun Apr 26 15:58:58 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Maja_K=C4=85dzio=C5=82ka?=
 <kuba@kadziolka.net>
X-Patchwork-Id: 21478
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id B706F27BBE4; Sun, 26 Apr 2020 17:00:35 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI,
	URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTP id 703AB27BBE1
	for <patchwork@mira.cbaines.net>; Sun, 26 Apr 2020 17:00:35 +0100 (BST)
Received: from localhost ([::1]:34028 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1jSjhq-0004F1-NR
	for patchwork@mira.cbaines.net; Sun, 26 Apr 2020 12:00:34 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:40954)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jSjhL-0003gb-J9
 for guix-patches@gnu.org; Sun, 26 Apr 2020 12:00:04 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jSjhL-0000ZU-2M
 for guix-patches@gnu.org; Sun, 26 Apr 2020 12:00:03 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:50665)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1jSjhK-0000Z1-HO
 for guix-patches@gnu.org; Sun, 26 Apr 2020 12:00:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jSjhK-0003Gn-Gh
 for guix-patches@gnu.org; Sun, 26 Apr 2020 12:00:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#40871] [PATCH] file-systems: mount the PID cgroup filesystem.
Resent-From: Jakub =?utf-8?b?S8SFZHppb8WCa2E=?= <kuba@kadziolka.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 26 Apr 2020 16:00:02 +0000
Resent-Message-ID: <handler.40871.B.158791675412470@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 40871
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 40871@debbugs.gnu.org
X-Debbugs-Original-To: guix-patches@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.158791675412470
 (code B ref -1); Sun, 26 Apr 2020 16:00:02 +0000
Received: (at submit) by debbugs.gnu.org; 26 Apr 2020 15:59:14 +0000
Received: from localhost ([127.0.0.1]:33974 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1jSjgY-0003F3-5W
 for submit@debbugs.gnu.org; Sun, 26 Apr 2020 11:59:14 -0400
Received: from lists.gnu.org ([209.51.188.17]:41957)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <kuba@kadziolka.net>) id 1jSjgW-0003Ew-It
 for submit@debbugs.gnu.org; Sun, 26 Apr 2020 11:59:13 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:40870)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <kuba@kadziolka.net>) id 1jSjgV-0003Vr-W3
 for guix-patches@gnu.org; Sun, 26 Apr 2020 11:59:12 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.90_1)
 (envelope-from <kuba@kadziolka.net>) id 1jSjgV-0000L1-0J
 for guix-patches@gnu.org; Sun, 26 Apr 2020 11:59:11 -0400
Received: from pat.zlotemysli.pl ([37.59.186.212]:59486)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <kuba@kadziolka.net>) id 1jSjgU-0008IH-BI
 for guix-patches@gnu.org; Sun, 26 Apr 2020 11:59:10 -0400
Received: (qmail 1547 invoked by uid 1009); 26 Apr 2020 17:59:01 +0200
Received: from 188.123.215.55 (kuba@kadziolka.net@188.123.215.55) by pat
 (envelope-from <kuba@kadziolka.net>, uid 1002) with qmail-scanner-2.08st
 (clamdscan: 0.98.6/25793. spamassassin: 3.4.0. perlscan: 2.08st.  
 Clear:RC:1(188.123.215.55):.
 Processed in 0.008878 secs); 26 Apr 2020 15:59:01 -0000
Received: from unknown (HELO localhost.localdomain)
 (kuba@kadziolka.net@188.123.215.55)
 by pat.zlotemysli.pl with AES256-SHA encrypted SMTP;
 26 Apr 2020 17:59:01 +0200
From: Jakub =?utf-8?b?S8SFZHppb8WCa2E=?= <kuba@kadziolka.net>
Date: Sun, 26 Apr 2020 17:58:58 +0200
Message-Id: <20200426155858.15674-1-kuba@kadziolka.net>
X-Mailer: git-send-email 2.26.0
MIME-Version: 1.0
Received-SPF: none client-ip=37.59.186.212; envelope-from=kuba@kadziolka.net;
 helo=pat.zlotemysli.pl
X-detected-operating-system: by eggs.gnu.org: First seen = 2020/04/26 11:59:02
X-ACL-Warn: Detected OS   = Linux 3.1-3.10
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-Received-From: 209.51.188.43
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
 <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-getmail-retrieved-from-mailbox: Patches

* gnu/system/file-systems.scm (%control-groups): Add "pids".
* gnu/services/docker.scm (docker-shepherd-service): Resolve a TODO.

This has allowed me to make a specific configuration of nsjail work.
---
 gnu/services/docker.scm     | 3 ++-
 gnu/system/file-systems.scm | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm
index 04f9127346..d6dc792821 100644
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2018 Danny Milosavljevic <dannym@scratchpost.org>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -94,7 +95,7 @@ loop-back communications.")
                           file-system-/sys/fs/cgroup/cpuset
                           file-system-/sys/fs/cgroup/devices
                           file-system-/sys/fs/cgroup/memory
-                          ; TODO: file-system-/sys/fs/cgroup/pids
+                          file-system-/sys/fs/cgroup/pids
                           networking
                           udev))
            (start #~(make-forkexec-constructor
diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm
index 3b599efa8e..b41f66e943 100644
--- a/gnu/system/file-systems.scm
+++ b/gnu/system/file-systems.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -389,7 +390,7 @@ TARGET in the other system."
                    ;; parent directory.
                    (dependencies (list parent))))
                '("cpuset" "cpu" "cpuacct" "memory" "devices" "freezer"
-                 "blkio" "perf_event")))))
+                 "blkio" "perf_event" "pids")))))
 
 (define %elogind-file-systems
   ;; We don't use systemd, but these file systems are needed for elogind,