aboutsummaryrefslogtreecommitdiff
path: root/tests/cve-sample.xml
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2019-05-10 18:16:45 +0200
committerLudovic Courtès <ludo@gnu.org>2019-05-15 16:36:21 +0200
commit6edd5c546c7c1bb5ee45436a0441a9daf1e5509c (patch)
treedf58794499e3ba22c85bff5192fe3fd76d4cedc5 /tests/cve-sample.xml
parent32747aa987bd921bc8aadc1c1d4b4da6d9bcc306 (diff)
downloadguix-6edd5c546c7c1bb5ee45436a0441a9daf1e5509c.tar.gz
guix-6edd5c546c7c1bb5ee45436a0441a9daf1e5509c.zip
linux-container: Do not add %CONTAINER-FILE-SYSTEMS to Docker image OSes.
Previously, 'guix system docker-image' would end up providing an OS that would try to mount all of %CONTAINER-FILE-SYSTEMS as well as /gnu/store, which is bound to fail in unprivileged Docker. This patch makes it so that 'guix system container' still gets those file systems, but 'guix system docker-image' doesn't. * gnu/system/linux-container.scm (containerized-operating-system): Add #:extra-file-systems parameter and honor it. Do not include %STORE-MAPPING and SHARED-NETWORK-FILE-MAPPINGS. (container-script): Add %STORE-MAPPING and optionally NETWORK-MAPPINGS to MAPPINGS and pass #:extra-file-systems.
Diffstat (limited to 'tests/cve-sample.xml')
0 files changed, 0 insertions, 0 deletions