Age | Commit message (Expand) | Author |
2020-10-01 | Instantiate nscd in each system container....* gnu/system/linux-container.scm (%nscd-container-caches): New variable.
(containerized-operating-system): Instantiate nscd-service with smaller caches
and add it to the generated operating-system, replacing any nscd-service
specified by the caller.
* gnu/system/file-systems.scm: (%network-file-mappings): Remove "/var/run/nscd".
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
| Jason Conroy |
2020-04-26 | services: system: Initial entries are non-monadic....* gnu/system.scm (operating-system-directory-base-entries): Return a
regular, non-monadic value.
* gnu/services.scm (system-derivation): Adjust accordingly.
* gnu/system/linux-container.scm (container-essential-services): Likewise.
| Ludovic Courtès |
2020-01-06 | system: linux-container: Recommend guix container....* gnu/system/linux-container.scm (container-script)[script]: Recommend
using 'guix container' to get a shell inside the running container.
| Efraim Flashner |
2019-09-18 | linux-container: 'eval/container' correctly passes -L and -C flags....This fixes a type error.
* gnu/system/linux-container.scm (eval/container): Use 'append-map', not
'map'.
* tests/containers.scm ("eval/container, non-empty load path"): New test.
| Ludovic Courtès |
2019-09-12 | linux-container: "run-container" scripts shows the container's PID....* gnu/build/linux-container.scm (call-with-container): Add
#:process-spawned-hook and honor it.
* gnu/system/linux-container.scm (container-script)[script]:
Define 'explain' and pass it as #:process-spawned-hook'.
| Ludovic Courtès |
2019-09-12 | linux-container: Exclude more services when sharing networking with the host....* gnu/system/linux-container.scm (containerized-operating-system)[useless-services]:
Add more services to the list when SHARED-NETWORK? is true.
| Ludovic Courtès |
2019-09-12 | file-systems: Add /var/run/nscd to '%network-file-mappings'....This allows containers created by "guix environment -CN" or by
"guix system container -N" to talk to the host nscd.
* gnu/system/file-systems.scm (%network-file-mappings): Add
"/var/run/nscd".
* gnu/build/shepherd.scm (default-mounts)[nscd-socket]: Remove.
* gnu/system/linux-container.scm (container-script)[nscd-run-directory]
[nscd-mapping, nscd-os, nscd-specs]: Remove.
[script]: Filter out from SPECS bind-mounts where the device does not
exist.
* guix/scripts/environment.scm (launch-environment/container)
[optional-mapping->fs]: New procedure.
[mappings]: Remove %NETWORK-FILE-MAPPINGS.
[file-systems]: Add %NETWORK-FILE-MAPPINGS here, filtered through
'optional-mapping->fs'.
| Ludovic Courtès |
2019-07-19 | linux-container: Add 'eval/container'....* gnu/system/linux-container.scm (eval/container): New procedure.
* tests/containers.scm ("eval/container, exit status")
("eval/container, writable user mapping"): New tests.
| Ludovic Courtès |
2019-06-19 | linux-container: Remove networking service when network is shared with host....* gnu/system/linux-container.scm (dummy-networking-service-type): New
variable.
(containerized-operating-system): If network is shared with host, replace
static-networking-service-type with dummy-networking-service-type.
| Arun Isaac |
2019-05-25 | linux-container: Check if nscd run directory exists when container is run....* gnu/system/linux-container.scm (containerized-operating-system):
(container-script): Check for existence of the host nscd run directory in the
container script. This check should be run when the container is started, not
when the container script is created.
[network-mappings]: Delete variable.
[nscd-run-directory, nscd-mapping]: New variables.
| Arun Isaac |
2019-05-15 | linux-container: Compute essential services for THIS-OPERATING-SYSTEM....Previously, the 'essential-services' would correspond to the initial,
non-containerized OS. Thus, all the file systems removed in
'container-essential-services' would actually still be there because the
essential services would be computed on the non-containerized OS.
This is a followup to 69cae3d3356a69b7fe69481338f760545995485e.
* gnu/system/linux-container.scm (container-essential-services): Call
'operating-system-default-essential-services' to get the baseline
services.
(containerized-operating-system): Pass THIS-OPERATING-SYSTEM, not OS, to
'container-essential-services'.
Add a dummy root file system to 'file-systems'.
(container-script)[mountable-file-system?]: New procedure.
Use it.
| Ludovic Courtès |
2019-05-15 | linux-container: Do not add %CONTAINER-FILE-SYSTEMS to Docker image OSes....Previously, 'guix system docker-image' would end up providing an OS that
would try to mount all of %CONTAINER-FILE-SYSTEMS as well as /gnu/store,
which is bound to fail in unprivileged Docker.
This patch makes it so that 'guix system container' still gets those
file systems, but 'guix system docker-image' doesn't.
* gnu/system/linux-container.scm (containerized-operating-system): Add
#:extra-file-systems parameter and honor it. Do not include
%STORE-MAPPING and SHARED-NETWORK-FILE-MAPPINGS.
(container-script): Add %STORE-MAPPING and optionally NETWORK-MAPPINGS
to MAPPINGS and pass #:extra-file-systems.
| Ludovic Courtès |
2019-05-14 | linux-container: Support container network sharing....* gnu/system/linux-container.scm (container-essential-services): If network is
to be shared with the host, remove network configuration files from etc
service.
(containerized-operating-system): If network is to be shared with the host,
remove nscd service and map host's /var/run/nscd if it exists.
(container-script): If network is to be shared with the host, do not create
network namespace.
* guix/scripts/system.scm (system-derivation-for-action): Add
#:container-shared-network? argument.
(perform-action): Add #:container-shared-network? argument.
(show-help): Add "-N, --network" help information.
(%options): Add network option.
(process-action): Call perform-action with #container-shared-network? argument.
* doc/guix.texi (Invoking guix system): Document the "-N, --network" option.
Co-authored-by: Christopher Baines <mail@cbaines.net>
| Arun Isaac |
2019-05-10 | linux-container: Improve filtering of unnecessary file systems....* gnu/system/linux-container.scm (containerized-operating-system)[user-file-systems]:
Add trailing slash for the "/dev/" and "/sys/" prefixes.
| Ludovic Courtès |
2019-04-23 | linux-container: Remove '%containerized-shepherd-service' hack....This hack worked around a defect in the Shepherd 0.5.0 and is no longer
needed.
* gnu/services/shepherd.scm (%containerized-shepherd-service): Remove.
* gnu/system/linux-container.scm (container-essential-services): Don't
use it.
| Ludovic Courtès |
2019-03-25 | system: Add 'essential-services' field to <operating-system>....* gnu/system.scm (<operating-system>)[essential-services]: New field.
(operating-system-directory-base-entries): Remove #:container? keyword
and keep only the not-container branch.
(essential-services): Likewise.
(operating-system-services): Likewise, and call
'operating-system-essential-services' instead of 'essential-services'.
(operating-system-activation-script): Remove #:container?.
(operating-system-boot-script): Likewise.
(operating-system-derivation): Likewise.
* gnu/system/linux-container.scm (container-essential-services): New procedure.
(containerized-operating-system): Use it and set the
'essential-services' field.
(container-script): Remove call to 'operating-system-derivation'.
* gnu/system/vm.scm (system-docker-image): Likewise.
* doc/guix.texi (operating-system Reference): Document 'essential-services'.
| Ludovic Courtès |
2019-03-13 | linux-container: 'containerized-operating-system' removes "useless" services....Fixes <https://bugs.gnu.org/34211>.
Reported by Efraim Flashner <efraim@flashner.co.il>.
* gnu/system/linux-container.scm (containerized-operating-system)
[useless-services]: New variable.
Add 'services' field.
| Ludovic Courtès |