linux-container: Check if nscd run directory exists when container is run.

* gnu/system/linux-container.scm (containerized-operating-system):
(container-script): Check for existence of the host nscd run directory in the
container script. This check should be run when the container is started, not
when the container script is created.
[network-mappings]: Delete variable.
[nscd-run-directory, nscd-mapping]: New variables.
Arun Isaac 2019-05-22 01:46:54 +05:30
parent 8698d986db
commit d2928fa63f
No known key found for this signature in database
GPG Key ID: 2E25EE8B61802BB3
1 changed files with 31 additions and 22 deletions


@ -109,7 +109,10 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
(memq (service-kind service) (memq (service-kind service)
useless-services)) useless-services))
(operating-system-user-services os))) (operating-system-user-services os)))
(file-systems (append (map mapping->fs mappings) (file-systems (append (map mapping->fs
(if shared-network?
(append %network-file-mappings mappings)
mappings))
extra-file-systems extra-file-systems
user-file-systems user-file-systems
@ -124,32 +127,33 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
"Return a derivation of a script that runs OS as a Linux container. "Return a derivation of a script that runs OS as a Linux container.
MAPPINGS is a list of <file-system> objects that specify the files/directories MAPPINGS is a list of <file-system> objects that specify the files/directories
that will be shared with the host system." that will be shared with the host system."
(define network-mappings (define nscd-run-directory "/var/run/nscd")
;; Files to map if network is to be shared with the host
(append %network-file-mappings (define nscd-mapping
(let ((nscd-run-directory "/var/run/nscd")) (file-system-mapping
(if (file-exists? nscd-run-directory) (source nscd-run-directory)
(list (file-system-mapping (target nscd-run-directory)))
(source nscd-run-directory)
(target nscd-run-directory)))
'()))))
(define (mountable-file-system? file-system) (define (mountable-file-system? file-system)
;; Return #t if FILE-SYSTEM should be mounted in the container. ;; Return #t if FILE-SYSTEM should be mounted in the container.
(and (not (string=? "/" (file-system-mount-point file-system))) (and (not (string=? "/" (file-system-mount-point file-system)))
(file-system-needed-for-boot? file-system))) (file-system-needed-for-boot? file-system)))
(let* ((os (containerized-operating-system (define (os-file-system-specs os)
os (map file-system->spec
(cons %store-mapping (filter mountable-file-system?
(if shared-network? (operating-system-file-systems os))))
(append network-mappings mappings)
mappings)) (let* ((os (containerized-operating-system
#:shared-network? shared-network? os (cons %store-mapping mappings)
#:extra-file-systems %container-file-systems)) #:shared-network? shared-network?
(file-systems (filter mountable-file-system? #:extra-file-systems %container-file-systems))
(operating-system-file-systems os))) (nscd-os (containerized-operating-system
(specs (map file-system->spec file-systems))) os (cons* nscd-mapping %store-mapping mappings)
#:shared-network? shared-network?
#:extra-file-systems %container-file-systems))
(specs (os-file-system-specs os))
(nscd-specs (os-file-system-specs nscd-os)))
(define script (define script
(with-imported-modules (source-module-closure (with-imported-modules (source-module-closure
@ -160,7 +164,12 @@ that will be shared with the host system."
(gnu system file-systems) ;spec->file-system (gnu system file-systems) ;spec->file-system
(guix build utils)) (guix build utils))
(call-with-container (map spec->file-system '#$specs) (call-with-container
(map spec->file-system
(if (and #$shared-network?
(file-exists? #$nscd-run-directory))
'#$nscd-specs
'#$specs))
(lambda () (lambda ()
(setenv "HOME" "/root") (setenv "HOME" "/root")
(setenv "TMPDIR" "/tmp") (setenv "TMPDIR" "/tmp")
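Review bot: The start-time test `(file-exists? #$nscd-run-directory)` in the `call-with-container` argument accepts anything at that path, not only a directory, and it is the only gate on bind-mounting the host's nscd run directory into the container. Since the script already imports (guix build utils), `(directory-exists? #$nscd-run-directory)` would be the tighter check, assuming that helper is present in the imported version. The `if` also deserves a comment such as `;; Checked on the host at container start: share the host nscd directory only when shared-network? is set and the directory exists.` The container-script docstring still describes only MAPPINGS and does not say that this extra host directory may be shared with the container. The enclosing definition starts and ends outside the hunk.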