[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#59069: `guix shell -CN' failed to access GPU
From: |
Ludovic Courtès |
Subject: |
bug#59069: `guix shell -CN' failed to access GPU |
Date: |
Thu, 10 Nov 2022 16:49:00 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) |
Hi!
(Cc: Dave Thompson, the original author of this code.)
As you pointed out on IRC, the problem is that ‘guix shell -C’ provides
/sys whereas ‘guix shell -CN’ doesn’t.
This stems from this call in (gnu build linux-container), which has
always been there:
(mount-file-systems root mounts
#:mount-/proc? (memq 'pid namespaces)
#:mount-/sys? (memq 'net
namespaces))
This is explained a few lines above:
;; A sysfs mount requires the user to have the CAP_SYS_ADMIN capability in
;; the current network namespace.
(when mount-/sys?
(mount* "none" (scope "/sys") "sysfs"
(logior MS_NOEXEC MS_NOSUID MS_NODEV MS_RDONLY)))
As you noticed with ‘--expose=/sys’, bind-mounting /sys doesn’t work
either (‘mount’ fails with EINVAL).
Not sure what to do. Thoughts?
Ludo’.