From patchwork Sat May 25 07:20:30 2019
X-Patchwork-Submitter: Arun Isaac
X-Patchwork-Id: 14076
Subject: [bug#35895] [PATCH] linux-container: Remove networking service when network is shared with host.
References: <20190525070113.5576-1-arunisaac@systemreboot.net>
In-Reply-To: <20190525070113.5576-1-arunisaac@systemreboot.net>
To: 35895@debbugs.gnu.org
From: Arun Isaac
Date: Sat, 25 May 2019 12:50:30 +0530
Message-Id: <20190525072030.7739-1-arunisaac@systemreboot.net>

* gnu/system/linux-container.scm (dummy-networking-shepherd-service): New procedure. (dummy-networking-service-type): New variable. (containerized-operating-system): If network is shared with host, replace static-networking-service-type with dummy-networking-service-type. --- gnu/system/linux-container.scm | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index c1e963d047..ee2a476e4c 100644 --- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -30,6 +30,7 @@ #:use-module (gnu build linux-container) #:use-module (gnu services) #:use-module (gnu services base) + #:use-module (gnu services shepherd) #:use-module (gnu system) #:use-module (gnu system file-systems) #:export (system-container 
@@ -65,6 +66,22 @@ from OS that are needed on the bare metal and not in a container." files))) base))) +(define (dummy-networking-shepherd-service _) + (shepherd-service + (documentation "Provide loopback and networking without actually doing +anything.") + (provision '(loopback networking)) + (start #~(const #t)))) + +(define dummy-networking-service-type + (service-type + (name 'dummy-networking) + (extensions + (list (service-extension + shepherd-root-service-type + (compose list dummy-networking-shepherd-service)))) + (default-value #f))) + (define* (containerized-operating-system os mappings #:key shared-network? @@ -96,7 +113,8 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS." agetty-service-type) ;; Remove nscd service if network is shared with the host. (if shared-network? - (list nscd-service-type) + (list nscd-service-type + static-networking-service-type) (list)))) (operating-system @@ -105,10 +123,14 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS." (essential-services (container-essential-services this-operating-system #:shared-network? shared-network?)) - (services (remove (lambda (service) - (memq (service-kind service) - useless-services)) - (operating-system-user-services os))) + (services (append + (remove (lambda (service) + (memq (service-kind service) + useless-services)) + (operating-system-user-services os)) + (if shared-network? + (list (service dummy-networking-service-type)) + (list)))) (file-systems (append (map mapping->fs (if shared-network? (append %network-file-mappings mappings)
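Review bot: In the hunk that adds dummy-networking-shepherd-service and dummy-networking-service-type, nothing records why it is acceptable to claim the loopback and networking provisions with a start of (const #t). The documentation string only says it does nothing. Suggest a comment above the definition stating that with a shared network the container uses the host's interfaces, so this service exists only to satisfy other services' requirements on loopback and networking. Also suggest a description field on the service-type. Because start always returns #t, Shepherd inside the container will report networking as running whatever the state of the host's network, and the documentation string should say so.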
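Review bot: In the useless-services hunk, the comment directly above the changed lines still reads "Remove nscd service if network is shared with the host", but the list now also contains static-networking-service-type. Update the comment to name both services and to say why static networking must not run in a container that shares the host's network.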
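Review bot: In the services hunk, (service dummy-networking-service-type) is appended whenever shared-network? is true, while the filter above it drops only static-networking-service-type (and nscd-service-type). An operating-system whose networking provision comes from a different service kind, for example dhcp-client-service-type, keeps that service in the list, so the result both declares networking twice and leaves a service in the container that tries to configure the shared host interfaces. Suggest either adding the other networking service kinds to useless-services in the shared-network? branch or documenting that only static-networking-service-type is handled.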