diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2025-05-06 11:29:19 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2025-05-06 12:22:34 +0200 |
| commit | edc799dabfb059735f1a3084384925fe573d9de1 (patch) | |
| tree | 83c4930df0113fd41948da0fe335cc3ac6464382 | |
| parent | db336991b517f9ddc0d896b0f087eb3b88636804 (diff) | |
| download | guix-edc799dabfb059735f1a3084384925fe573d9de1.tar.gz guix-edc799dabfb059735f1a3084384925fe573d9de1.zip | |
environment, home: Make /tmp writable.
Fixes <https://issues.guix.gnu.org/78272>.
Fixes a bug caused by commit ce363c1dc7bd63a74dcf7788d340819f6d5db89f,
which inadvertently made /tmp read-only as well.
* guix/scripts/environment.scm (launch-environment/container)[tmpfs]:
New variable.
Add it to ‘file-systems’.
* guix/scripts/home.scm (spawn-home-container): Add /tmp file system
to #:mounts.
* tests/guix-environment-container.sh: Add test.
Reported-by: Tomas Volf <~@wolfsden.cz>
Change-Id: I5cb449e6d0c213d4b5866cbcbd14990437a7d4c5
| -rw-r--r-- | guix/scripts/environment.scm | 8 | ||||
| -rw-r--r-- | guix/scripts/home.scm | 7 | ||||
| -rw-r--r-- | tests/guix-environment-container.sh | 5 |
3 files changed, 19 insertions, 1 deletions
diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm index ad1b26454a..7103fdaf20 100644 --- a/guix/scripts/environment.scm +++ b/guix/scripts/environment.scm @@ -770,6 +770,13 @@ added to the container. Preserve environment variables whose name matches the one of the regexps in WHILE-LIST." + (define tmpfs + (file-system + (device "none") + (mount-point "/tmp") + (type "tmpfs") + (check? #f))) + (define (optional-mapping->fs mapping) (and (file-exists? (file-system-mapping-source mapping)) (file-system-mapping->bind-mount mapping))) @@ -867,6 +874,7 @@ WHILE-LIST." (writable? #f))) reqs))) (file-systems (append %container-file-systems + (list tmpfs) (if network? (filter-map optional-mapping->fs %network-file-mappings) diff --git a/guix/scripts/home.scm b/guix/scripts/home.scm index 57c0df6294..a4b8cc01e7 100644 --- a/guix/scripts/home.scm +++ b/guix/scripts/home.scm @@ -353,7 +353,12 @@ immediately. Return the exit status of the process in the container." #:namespaces (if network? (delq 'net %namespaces) ; share host network %namespaces) - #:mounts (list (file-system + #:mounts (list (file-system ;writable /tmp + (device "none") + (mount-point "/tmp") + (type "tmpfs") + (check? #f)) + (file-system (device "none") (mount-point (in-vicinity "/run/user" ;for shepherd & co. diff --git a/tests/guix-environment-container.sh b/tests/guix-environment-container.sh index d6cb382de9..d0f19c8372 100644 --- a/tests/guix-environment-container.sh +++ b/tests/guix-environment-container.sh @@ -195,6 +195,11 @@ guix environment --bootstrap --container --ad-hoc guile-bootstrap \ --writable-root \ -- guile -c '(mkdir "/whatever")' +# /tmp itself is always writable. +guix environment --bootstrap --container --ad-hoc guile-bootstrap \ + -- guile -c '(mkdir "/tmp/foo")' + + # Check the exit code. abnormal_exit_code=" |