From patchwork Wed Mar 13 09:36:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Arun Isaac X-Patchwork-Id: 1409 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 394C216CCC; Wed, 13 Mar 2019 09:46:58 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTP id D6D8F169F6 for ; Wed, 13 Mar 2019 09:46:57 +0000 (GMT) Received: from localhost ([127.0.0.1]:41183 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h40TR-0003At-Bm for patchwork@mira.cbaines.net; Wed, 13 Mar 2019 05:46:57 -0400 Received: from eggs.gnu.org ([209.51.188.92]:54972) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h40QY-0000a0-Aw for guix-patches@gnu.org; Wed, 13 Mar 2019 05:43:59 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h40Jq-0000AQ-Ga for guix-patches@gnu.org; Wed, 13 Mar 2019 05:37:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:55723) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1h40Jq-0000AM-CK for guix-patches@gnu.org; Wed, 13 Mar 2019 05:37:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1h40Jq-0000XO-9a for guix-patches@gnu.org; Wed, 13 Mar 2019 05:37:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#28128] [PATCH 1/2] shepherd: Move nscd-socket to (gnu system file-systems). Resent-From: Arun Isaac Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 13 Mar 2019 09:37:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 28128 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: ludo@gnu.org Received: via spool by 28128-submit@debbugs.gnu.org id=B28128.15524698002020 (code B ref 28128); Wed, 13 Mar 2019 09:37:02 +0000 Received: (at 28128) by debbugs.gnu.org; 13 Mar 2019 09:36:40 +0000 Received: from localhost ([127.0.0.1]:41031 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1h40JU-0000WP-01 for submit@debbugs.gnu.org; Wed, 13 Mar 2019 05:36:40 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:41636) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1h40JL-0000Vy-Nf for 28128@debbugs.gnu.org; Wed, 13 Mar 2019 05:36:38 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Zu0CqmsR0Fk7BmwIlj9MBeGJ9FN6d7ShS+hW/DAy0uE=; b=bsUw8TxsfeMlgI6KPhodaUz5EQ OHl8OvX095QiQJWDAleJ//3bf9jWfemq4jgoc1kOfaWvZMSMAL0l13AO4GhxrQu0FXobuhDdJpuW9 yZTSoh1qUCfFGlpc58mNtdFz9/CTllXAXeB8G6+UP3wi2sMaHV6kW/3VmOz5Y4m7pkMc=; Received: from [14.139.128.10] (helo=localhost.localdomain) by systemreboot.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from ) id 1h40JH-0004bl-JD; Wed, 13 Mar 2019 15:06:27 +0530 From: Arun Isaac Date: Wed, 13 Mar 2019 15:06:09 +0530 Message-Id: <20190313093610.1071-2-arunisaac@systemreboot.net> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190313093610.1071-1-arunisaac@systemreboot.net> References: <20190313093610.1071-1-arunisaac@systemreboot.net> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 28128@debbugs.gnu.org Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * gnu/build/shepherd.scm (default-mounts)[nscd-socket]: Move to ... * gnu/system/file-systems.scm (%nscd-socket-mapping): ... here. --- gnu/build/shepherd.scm | 8 ++------ gnu/system/file-systems.scm | 10 +++++++++- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/gnu/build/shepherd.scm b/gnu/build/shepherd.scm index f383259924..b3fc1f9c72 100644 --- a/gnu/build/shepherd.scm +++ b/gnu/build/shepherd.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2017, 2018 Ludovic Courtès +;;; Copyright © 2019 Arun Isaac ;;; ;;; This file is part of GNU Guix. ;;; @@ -67,15 +68,10 @@ (file-system-mapping (source "/etc/group") (target source)))) - (define nscd-socket - (file-system-mapping - (source "/var/run/nscd") (target source) - (writable? #t))) - (append (cons (tmpfs "/tmp") %container-file-systems) (let ((mappings `(,@(if (memq 'net namespaces) '() - (cons nscd-socket + (cons %nscd-socket-mapping %network-file-mappings)) ,@(if (and (memq 'mnt namespaces) (not (memq 'user namespaces))) diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm index 393dd0df70..4cf4f6608b 100644 --- a/gnu/system/file-systems.scm +++ b/gnu/system/file-systems.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès +;;; Copyright © 2019 Arun Isaac ;;; ;;; This file is part of GNU Guix. ;;; @@ -76,7 +77,8 @@ %store-mapping %network-configuration-files - %network-file-mappings)) + %network-file-mappings + %nscd-socket-mapping)) ;;; Commentary: ;;; @@ -510,6 +512,12 @@ a bind mount." (writable? (string=? file "/etc/resolv.conf")))) %network-configuration-files)) +(define %nscd-socket-mapping + (file-system-mapping + (source "/var/run/nscd") + (target source) + (writable? #t))) + (define (file-system-type-predicate type) "Return a predicate that, when passed a file system, returns #t if that file system has the given TYPE." From patchwork Wed Mar 13 09:36:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Arun Isaac X-Patchwork-Id: 1408 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id F160E16CCC; Wed, 13 Mar 2019 09:46:53 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTP id D7707169F6 for ; Wed, 13 Mar 2019 09:46:52 +0000 (GMT) Received: from localhost ([127.0.0.1]:41171 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h40TM-0002zu-Ci for patchwork@mira.cbaines.net; Wed, 13 Mar 2019 05:46:52 -0400 Received: from eggs.gnu.org ([209.51.188.92]:54994) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h40QW-0000aU-LZ for guix-patches@gnu.org; Wed, 13 Mar 2019 05:43:58 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h40Jq-0000Ae-VP for guix-patches@gnu.org; Wed, 13 Mar 2019 05:37:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:55724) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1h40Jq-0000Aa-QX for guix-patches@gnu.org; Wed, 13 Mar 2019 05:37:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1h40Jq-0000XW-NI for guix-patches@gnu.org; Wed, 13 Mar 2019 05:37:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#28128] [PATCH 2/2] scripts: system: Support container network sharing. Resent-From: Arun Isaac Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 13 Mar 2019 09:37:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 28128 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: ludo@gnu.org Received: via spool by 28128-submit@debbugs.gnu.org id=B28128.15524698082040 (code B ref 28128); Wed, 13 Mar 2019 09:37:02 +0000 Received: (at 28128) by debbugs.gnu.org; 13 Mar 2019 09:36:48 +0000 Received: from localhost ([127.0.0.1]:41033 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1h40JY-0000Wm-G2 for submit@debbugs.gnu.org; Wed, 13 Mar 2019 05:36:47 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:41632) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1h40JM-0000W0-56 for 28128@debbugs.gnu.org; Wed, 13 Mar 2019 05:36:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=ycqrWLk4PNNdSgj7rcx03IjG5mMKDJE24iK4OooeBMY=; b=mbb0jl5kb65zn+BtyPSst0acn0 VoXGbxJo3l13vTrzCtg062L57jEVUZP8KO4V+p+kirRNtHbz47wDfP8e6zWTErbSYgLtxmOdPPHel u7DBqk/5I9cGgon4wzDqDLpr/0dc6eebZJV9BHaxoGTXuW12aTajx0a7/JpbOcOSARxA=; Received: from [14.139.128.10] (helo=localhost.localdomain) by systemreboot.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from ) id 1h40JH-0004bl-To; Wed, 13 Mar 2019 15:06:28 +0530 From: Arun Isaac Date: Wed, 13 Mar 2019 15:06:10 +0530 Message-Id: <20190313093610.1071-3-arunisaac@systemreboot.net> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190313093610.1071-1-arunisaac@systemreboot.net> References: <20190313093610.1071-1-arunisaac@systemreboot.net> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 28128@debbugs.gnu.org Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * gnu/services.scm (shared-network-service-type): New variable. * gnu/services/base.scm (%base-services): Add shared-network-service. * gnu/system.scm (essential-services): If shared-network-service exists, extend it to add /etc/services, /etc/nsswitch.conf and /etc/hosts. (operating-system-etc-service): Do not add /etc/services, /etc/nsswitch.conf and /etc/hosts. * gnu/system/linux-container.scm (container-script): Support returning a container script that shares the host network. * guix/scripts/system.scm (system-derivation-for-action, perform-action): Add #:container-shared-network? argument. (show-help): Add "-N, --network" help information. (%options): Add network option. (process-action): Call perform-action with #:container-shared-network?. Co-authored-by: Christopher Baines --- gnu/services.scm | 9 +++++++++ gnu/services/base.scm | 4 +++- gnu/system.scm | 27 +++++++++++++++++---------- gnu/system/linux-container.scm | 26 +++++++++++++++++++++++--- guix/scripts/system.scm | 30 +++++++++++++++++++++++------- 5 files changed, 75 insertions(+), 21 deletions(-) diff --git a/gnu/services.scm b/gnu/services.scm index f151bbaa9d..316b22eabb 100644 --- a/gnu/services.scm +++ b/gnu/services.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015, 2016, 2017, 2018 Ludovic Courtès ;;; Copyright © 2016 Chris Marusich +;;; Copyright © 2019 Arun Isaac ;;; ;;; This file is part of GNU Guix. ;;; @@ -95,6 +96,7 @@ profile-service-type firmware-service-type gc-root-service-type + shared-network-service-type %boot-service %activation-service @@ -651,6 +653,13 @@ as Wifi cards."))) "Register garbage-collector roots---i.e., store items that will not be reclaimed by the garbage collector."))) +(define shared-network-service-type + (service-type (name 'shared-network) + (extensions (list (service-extension etc-service-type identity))) + (compose concatenate) + (extend append) + (default-value '()))) + ;;; ;;; Service folding. diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 67df4d1379..5f806fab35 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -2373,6 +2373,8 @@ to handle." (service special-files-service-type `(("/bin/sh" ,(file-append (canonical-package bash) - "/bin/sh")))))) + "/bin/sh")))) + + (service shared-network-service-type))) ;;; base.scm ends here diff --git a/gnu/system.scm b/gnu/system.scm index e6c86cb9ba..22f7e5d55d 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2016 Chris Marusich ;;; Copyright © 2017 Mathieu Othacehe ;;; Copyright © 2019 Meiyo Peng +;;; Copyright © 2019 Arun Isaac ;;; ;;; This file is part of GNU Guix. ;;; @@ -501,7 +502,21 @@ a container or that of a \"bare metal\" system." (list %containerized-shepherd-service) (list %linux-bare-metal-service (service firmware-service-type - (operating-system-firmware os)))))))) + (operating-system-firmware os)))) + (if (find (lambda (service) + (eq? (service-type-name (service-kind service)) + 'shared-network)) + (operating-system-user-services os)) + (let ((nsswitch (plain-file "nsswitch.conf" + (name-service-switch->string + (operating-system-name-service-switch os))))) + (list (simple-service 'shared-network-extension + shared-network-service-type + `(("services" ,(file-append net-base "/etc/services")) + ("nsswitch.conf" ,#~#$nsswitch) + ("hosts" ,#~#$(or (operating-system-hosts-file os) + (default-/etc/hosts (operating-system-host-name os)))))))) + (list)))))) (define* (operating-system-services os #:key container?) "Return all the services of OS, including \"internal\" services that do not @@ -592,10 +607,6 @@ directory." "/run/current-system/profile/sbin\n"))) (issue (plain-file "issue" (operating-system-issue os))) - (nsswitch (plain-file "nsswitch.conf" - (name-service-switch->string - (operating-system-name-service-switch os)))) - ;; Startup file for POSIX-compliant login shells, which set system-wide ;; environment variables. (profile (mixed-text-file "profile" "\ @@ -679,16 +690,12 @@ then source /run/current-system/profile/etc/profile.d/bash_completion.sh fi\n"))) (etc-service - `(("services" ,(file-append net-base "/etc/services")) - ("protocols" ,(file-append net-base "/etc/protocols")) + `(("protocols" ,(file-append net-base "/etc/protocols")) ("rpc" ,(file-append net-base "/etc/rpc")) ("login.defs" ,#~#$login.defs) ("issue" ,#~#$issue) - ("nsswitch.conf" ,#~#$nsswitch) ("profile" ,#~#$profile) ("bashrc" ,#~#$bashrc) - ("hosts" ,#~#$(or (operating-system-hosts-file os) - (default-/etc/hosts (operating-system-host-name os)))) ;; Write the operating-system-host-name to /etc/hostname to prevent ;; NetworkManager from changing the system's hostname when connecting ;; to certain networks. Some discussion at diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index bceea41332..485623f563 100644 --- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -1,6 +1,8 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 David Thompson ;;; Copyright © 2016, 2017 Ludovic Courtès +;;; Copyright © 2019 Christopher Baines +;;; Copyright © 2019 Arun Isaac ;;; ;;; This file is part of GNU Guix. ;;; @@ -60,11 +62,26 @@ containerized OS." %container-file-systems user-file-systems)))) -(define* (container-script os #:key (mappings '())) +(define* (container-script os #:key (mappings '()) container-shared-network?) "Return a derivation of a script that runs OS as a Linux container. MAPPINGS is a list of objects that specify the files/directories that will be shared with the host system." - (let* ((os (containerized-operating-system os mappings)) + (let* ((os (containerized-operating-system + (operating-system + (inherit os) + (services (if container-shared-network? + (remove (lambda (service) + (case (service-type-name (service-kind service)) + ((nscd shared-network) #t) + (else #f))) + (operating-system-user-services os)) + (operating-system-user-services os)))) + (append + mappings + (if container-shared-network? + (cons %nscd-socket-mapping + %network-file-mappings) + '())))) (file-systems (filter file-system-needed-for-boot? (operating-system-file-systems os))) (specs (map file-system->spec file-systems))) @@ -93,6 +110,9 @@ that will be shared with the host system." ;; users and groups, which is sufficient for most cases. ;; ;; See: http://www.freedesktop.org/software/systemd/man/systemd-nspawn.html#--private-users= - #:host-uids 65536)))) + #:host-uids 65536 + #:namespaces (if #$container-shared-network? + (delq 'net %namespaces) + %namespaces))))) (gexp->script "run-container" script)))) diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm index d67b9f8185..c2fb1ebed5 100644 --- a/guix/scripts/system.scm +++ b/guix/scripts/system.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016, 2017, 2018 Chris Marusich ;;; Copyright © 2017 Mathieu Othacehe ;;; Copyright © 2018 Ricardo Wurmus +;;; Copyright © 2019 Christopher Baines ;;; ;;; This file is part of GNU Guix. ;;; @@ -756,13 +757,16 @@ checking this by themselves in their 'check' procedure." (define* (system-derivation-for-action os action #:key image-size file-system-type - full-boot? mappings) + full-boot? mappings + container-shared-network?) "Return as a monadic value the derivation for OS according to ACTION." (case action ((build init reconfigure) (operating-system-derivation os)) ((container) - (container-script os #:mappings mappings)) + (container-script os + #:mappings mappings + #:container-shared-network? container-shared-network?)) ((vm-image) (system-qemu-image os #:disk-image-size image-size)) ((vm) @@ -817,6 +821,7 @@ and TARGET arguments." dry-run? derivations-only? use-substitutes? bootloader-target target image-size file-system-type full-boot? + container-shared-network? (mappings '()) (gc-root #f)) "Perform ACTION for OS. INSTALL-BOOTLOADER? specifies whether to install @@ -825,6 +830,8 @@ target root directory; IMAGE-SIZE is the size of the image to be built, for the 'vm-image' and 'disk-image' actions. The root file system is created as a FILE-SYSTEM-TYPE file system. FULL-BOOT? is used for the 'vm' action; it determines whether to boot directly to the kernel or to the bootloader. +CONTAINER-SHARED-NETWORK? determines if the container will use a separate +network namespace. When DERIVATIONS-ONLY? is true, print the derivation file name(s) without building anything. @@ -870,11 +877,13 @@ static checks." (check-initrd-modules os))) (mlet* %store-monad - ((sys (system-derivation-for-action os action - #:file-system-type file-system-type - #:image-size image-size - #:full-boot? full-boot? - #:mappings mappings)) + ((sys (system-derivation-for-action + os action + #:file-system-type file-system-type + #:image-size image-size + #:full-boot? full-boot? + #:container-shared-network? container-shared-network? + #:mappings mappings)) ;; For 'init' and 'reconfigure', always build BOOTCFG, even if ;; --no-bootloader is passed, because we then use it as a GC root. @@ -1011,6 +1020,8 @@ Some ACTIONS support additional ARGS.\n")) (display (G_ " --share=SPEC for 'vm', share host file system according to SPEC")) (display (G_ " + -N, --network for 'container', allow containers to access the network")) + (display (G_ " -r, --root=FILE for 'vm', 'vm-image', 'disk-image', 'container', and 'build', make FILE a symlink to the result, and register it as a garbage collector root")) @@ -1057,6 +1068,9 @@ Some ACTIONS support additional ARGS.\n")) (lambda (opt name arg result) (alist-cons 'image-size (size->number arg) result))) + (option '(#\N "network") #f #f + (lambda (opt name arg result) + (alist-cons 'container-shared-network? #t result))) (option '("no-bootloader" "no-grub") #f #f (lambda (opt name arg result) (alist-cons 'install-bootloader? #f result))) @@ -1173,6 +1187,8 @@ resulting from command-line parsing." #:file-system-type (assoc-ref opts 'file-system-type) #:image-size (assoc-ref opts 'image-size) #:full-boot? (assoc-ref opts 'full-boot?) + #:container-shared-network? + (assoc-ref opts 'container-shared-network?) #:mappings (filter-map (match-lambda (('file-system-mapping . m) m)