linux-container: Check if nscd run directory exists when container is run.
* gnu/system/linux-container.scm (containerized-operating-system): (container-script): Check for existence of the host nscd run directory in the container script. This check should be run when the container is started, not when the container script is created. [network-mappings]: Delete variable. [nscd-run-directory, nscd-mapping]: New variables.
parent
8698d986db
commit
d2928fa63f
|
@ -109,7 +109,10 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
|
||||||
(memq (service-kind service)
|
(memq (service-kind service)
|
||||||
useless-services))
|
useless-services))
|
||||||
(operating-system-user-services os)))
|
(operating-system-user-services os)))
|
||||||
(file-systems (append (map mapping->fs mappings)
|
(file-systems (append (map mapping->fs
|
||||||
|
(if shared-network?
|
||||||
|
(append %network-file-mappings mappings)
|
||||||
|
mappings))
|
||||||
extra-file-systems
|
extra-file-systems
|
||||||
user-file-systems
|
user-file-systems
|
||||||
|
|
||||||
|
@ -124,32 +127,33 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
|
||||||
"Return a derivation of a script that runs OS as a Linux container.
|
"Return a derivation of a script that runs OS as a Linux container.
|
||||||
MAPPINGS is a list of <file-system> objects that specify the files/directories
|
MAPPINGS is a list of <file-system> objects that specify the files/directories
|
||||||
that will be shared with the host system."
|
that will be shared with the host system."
|
||||||
(define network-mappings
|
(define nscd-run-directory "/var/run/nscd")
|
||||||
;; Files to map if network is to be shared with the host
|
|
||||||
(append %network-file-mappings
|
(define nscd-mapping
|
||||||
(let ((nscd-run-directory "/var/run/nscd"))
|
(file-system-mapping
|
||||||
(if (file-exists? nscd-run-directory)
|
(source nscd-run-directory)
|
||||||
(list (file-system-mapping
|
(target nscd-run-directory)))
|
||||||
(source nscd-run-directory)
|
|
||||||
(target nscd-run-directory)))
|
|
||||||
'()))))
|
|
||||||
|
|
||||||
(define (mountable-file-system? file-system)
|
(define (mountable-file-system? file-system)
|
||||||
;; Return #t if FILE-SYSTEM should be mounted in the container.
|
;; Return #t if FILE-SYSTEM should be mounted in the container.
|
||||||
(and (not (string=? "/" (file-system-mount-point file-system)))
|
(and (not (string=? "/" (file-system-mount-point file-system)))
|
||||||
(file-system-needed-for-boot? file-system)))
|
(file-system-needed-for-boot? file-system)))
|
||||||
|
|
||||||
(let* ((os (containerized-operating-system
|
(define (os-file-system-specs os)
|
||||||
os
|
(map file-system->spec
|
||||||
(cons %store-mapping
|
(filter mountable-file-system?
|
||||||
(if shared-network?
|
(operating-system-file-systems os))))
|
||||||
(append network-mappings mappings)
|
|
||||||
mappings))
|
(let* ((os (containerized-operating-system
|
||||||
#:shared-network? shared-network?
|
os (cons %store-mapping mappings)
|
||||||
#:extra-file-systems %container-file-systems))
|
#:shared-network? shared-network?
|
||||||
(file-systems (filter mountable-file-system?
|
#:extra-file-systems %container-file-systems))
|
||||||
(operating-system-file-systems os)))
|
(nscd-os (containerized-operating-system
|
||||||
(specs (map file-system->spec file-systems)))
|
os (cons* nscd-mapping %store-mapping mappings)
|
||||||
|
#:shared-network? shared-network?
|
||||||
|
#:extra-file-systems %container-file-systems))
|
||||||
|
(specs (os-file-system-specs os))
|
||||||
|
(nscd-specs (os-file-system-specs nscd-os)))
|
||||||
|
|
||||||
(define script
|
(define script
|
||||||
(with-imported-modules (source-module-closure
|
(with-imported-modules (source-module-closure
|
||||||
|
@ -160,7 +164,12 @@ that will be shared with the host system."
|
||||||
(gnu system file-systems) ;spec->file-system
|
(gnu system file-systems) ;spec->file-system
|
||||||
(guix build utils))
|
(guix build utils))
|
||||||
|
|
||||||
(call-with-container (map spec->file-system '#$specs)
|
(call-with-container
|
||||||
|
(map spec->file-system
|
||||||
|
(if (and #$shared-network?
|
||||||
|
(file-exists? #$nscd-run-directory))
|
||||||
|
'#$nscd-specs
|
||||||
|
'#$specs))
|
||||||
(lambda ()
|
(lambda ()
|
||||||
(setenv "HOME" "/root")
|
(setenv "HOME" "/root")
|
||||||
(setenv "TMPDIR" "/tmp")
|
(setenv "TMPDIR" "/tmp")
|
||||||
|
|
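Review bot: The run-time test `(file-exists? #$nscd-run-directory)` in the last hunk decides whether the host's nscd directory is mounted into the container, but nothing in the code says why it runs at container start, and the old `;; Files to map if network is to be shared with the host` comment was dropped along with `network-mappings`. I would add a comment above `nscd-mapping` such as `;; Host nscd run directory; mapped only when the network is shared and the directory exists on the host when the container starts.` Separately, `nscd-os` and `nscd-specs` are bound and spliced into the script as `'#$nscd-specs` even when `shared-network?` is false, where the `and` makes that branch unreachable; building them only when `shared-network?` is true would keep the host nscd mapping out of scripts that never use it. `file-exists?` is also true for a non-directory at that path, so if a directory is what is meant, a directory test would state that more precisely, which is worth confirming against how the mount code treats file sources.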