From 4c14d4eaa7ee9d5d89c04a41adb50c7c532d14e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Mon, 30 May 2016 22:13:09 +0200
Subject: [PATCH] container: Gracefully handle failure to set up user
 namespaces.

* gnu/build/linux-container.scm (run-container): Exit when the parent
process doesn't say 'ready.
---
 gnu/build/linux-container.scm | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/gnu/build/linux-container.scm b/gnu/build/linux-container.scm
index ec68679f0b..562d50bcc7 100644
--- a/gnu/build/linux-container.scm
+++ b/gnu/build/linux-container.scm
@@ -214,15 +214,18 @@ host user identifiers to map into the user namespace."
            (lambda ()
              (close out)
              ;; Wait for parent to set things up.
-             (read in)
-             (close in)
-             (purify-environment)
-             (when (memq 'mnt namespaces)
-               (mount-file-systems root mounts
-                                   #:mount-/proc? (memq 'pid namespaces)
-                                   #:mount-/sys?  (memq 'net namespaces)))
-             ;; TODO: Manage capabilities.
-             (thunk))))
+             (match (read in)
+               ('ready
+                (close in)
+                (purify-environment)
+                (when (memq 'mnt namespaces)
+                  (mount-file-systems root mounts
+                                      #:mount-/proc? (memq 'pid namespaces)
+                                      #:mount-/sys?  (memq 'net namespaces)))
+                ;; TODO: Manage capabilities.
+                (thunk))
+               (_                                 ;parent died or something
+                (primitive-exit 2))))))
          (pid
           (when (memq 'user namespaces)
             (initialize-user-namespace pid host-uids))