Important: to avoid polarizing/hurtful discussions in our public spaces, any
matter pertaining to our use of this Code of Conduct should be brought
privately to the Guix maintainers at guix-maintainers@gnu.org.  Failure to do
so will be considered as a violation of this Code of Conduct.

Contributor Covenant Code of Conduct

Our Pledge
We as members, contributors, and leaders pledge to make participation in our
community a harassment-free experience for everyone, regardless of age, body
size, visible or invisible disability, ethnicity, sex characteristics, gender
identity and expression, level of experience, education, socio-economic status,
nationality, personal appearance, race, caste, color, religion, or sexual
identity and orientation.
We pledge to act and interact in ways that contribute to an open, welcoming,
diverse, inclusive, and healthy community.
Our Standards
Examples of behavior that contributes to a positive environment for our
community include:

* Demonstrating empathy and kindness</td></tr></table>
<table class='tabs'><tr><td>
<a class='active' href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=ecae6bb621278763f201259ef49f30804c04e996'>refs</a><a href='/guix/log/'>log</a><a href='/guix/tree/?id=ecae6bb621278763f201259ef49f30804c04e996'>tree</a><a href='/guix/commit/?id=ecae6bb621278763f201259ef49f30804c04e996'>commit</a><a href='/guix/diff/?id=ecae6bb621278763f201259ef49f30804c04e996'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/'>
<input type='hidden' name='id' value='ecae6bb621278763f201259ef49f30804c04e996'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='content'><div id='summary'><pre>
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson &lt;davet@gnu.org&gt;
;;; Copyright © 2016-2017, 2019-2023 Ludovic Courtès &lt;ludo@gnu.org&gt;
;;; Copyright © 2019 Arun Isaac &lt;arunisaac@systemreboot.net&gt;
;;; Copyright © 2020 Efraim Flashner &lt;efraim@flashner.co.il&gt;
;;; Copyright © 2020 Google LLC
;;; Copyright © 2022 Ricardo Wurmus &lt;rekado@elephly.net&gt;
;;; Copyright © 2023 Pierre Langlois &lt;pierre.langlois@gmx.com&gt;
;;; Copyright © 2024 Leo Nikkilä &lt;hello@lnikki.la&gt;
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see &lt;http://www.gnu.org/licenses/&gt;.

(define-module (gnu system linux-container)
  #:use-module (ice-9 match)
  #:use-module (srfi srfi-1)
  #:use-module (guix config)
  #:use-module (guix store)
  #:use-module (guix gexp)
  #:use-module (guix derivations)
  #:use-module (guix monads)
  #:use-module (guix modules)
  #:use-module (gnu build linux-container)
  #:use-module (gnu services)
  #:use-module (gnu services base)
  #:use-module (gnu services networking)
  #:use-module (gnu services shepherd)
  #:use-module (gnu system)
  #:use-module (gnu system file-systems)
  #:export (system-container
            containerized-operating-system
            container-script
            eval/container))

(define* (container-essential-services os #:key shared-network?)
  &quot;Return a list of essential services corresponding to OS, a
non-containerized OS.  This procedure essentially strips essential services
from OS that are needed on the bare metal and not in a container.&quot;
  (define base
    (remove (lambda (service)
              (memq (service-kind service)
                    (cons* (service-kind %linux-bare-metal-service)
                           firmware-service-type
                           system-service-type
                           (if shared-network?
                               (list hosts-service-type)
                               &apos;()))))
            (operating-system-essential-services os)))

  (cons (service system-service-type
                 `((&quot;locale&quot; ,(operating-system-locale-directory os))))
        ;; If network is to be shared with the host, remove network
        ;; configuration files from etc-service.
        (if shared-network?
            (modify-services base
              (etc-service-type
               files =&gt; (remove
                         (match-lambda
                           ((filename _)
                            (member filename
                                    (map basename %network-configuration-files))))
                         files)))
            base)))

(define dummy-networking-service-type
  (shepherd-service-typ