02/04: linux-container: Add #:guest-uid and #:guest-gid to 'eval/contain

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/04: linux-container: Add #:guest-uid and #:guest-gid to 'eval/contain

From:	guix-commits
Subject:	02/04: linux-container: Add #:guest-uid and #:guest-gid to 'eval/container'.
Date:	Sat, 19 Mar 2022 14:21:39 -0400 (EDT)

civodul pushed a commit to branch master
in repository guix.

commit cff9fee82a06f58b10a5b3a7743295c53f7988b8
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Sun Mar 13 22:09:26 2022 +0100

    linux-container: Add #:guest-uid and #:guest-gid to 'eval/container'.
    
    * gnu/system/linux-container.scm (eval/container): Add #:guest-uid
    and #:guest-gid and honor them.
---
 gnu/system/linux-container.scm | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm
index 415d6b9775..eeb0f68c02 100644
--- a/gnu/system/linux-container.scm
+++ b/gnu/system/linux-container.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2015 David Thompson <davet@gnu.org>
-;;; Copyright © 2016, 2017, 2019, 2020, 2021 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016-2017, 2019-2022 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2019 Arun Isaac <arunisaac@systemreboot.net>
 ;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2020 Google LLC
@@ -248,11 +248,13 @@ that will be shared with the host system."
 (define* (eval/container exp
                          #:key
                          (mappings '())
-                         (namespaces %namespaces))
+                         (namespaces %namespaces)
+                         (guest-uid 0) (guest-gid 0))
   "Evaluate EXP, a gexp, in a new process executing in separate namespaces as
 listed in NAMESPACES.  Add MAPPINGS, a list of <file-system-mapping>, to the
-set of directories visible in the process's mount namespace.  Return the
-process' exit status as a monadic value.
+set of directories visible in the process's mount namespace.  Inside the
+namespaces, run code as GUEST-UID and GUEST-GID.  Return the process' exit
+status as a monadic value.
 
 This is useful to implement processes that, unlike derivations, are not
 entirely pure and need to access the outside world or to perform side
@@ -292,4 +294,6 @@ effects."
                                    (list "-c"
                                          (object->string
                                           (lowered-gexp-sexp lowered))))))
-                  #:namespaces namespaces))))))
+                  #:namespaces namespaces
+                  #:guest-uid guest-uid
+                  #:guest-gid guest-gid))))))

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (b45a301618 -> a58defdae8), guix-commits, 2022/03/19
- 01/04: linux-container: 'eval/container' honors #:namespaces., guix-commits, 2022/03/19
- 03/04: guix home: Add 'container' command., guix-commits, 2022/03/19
- 02/04: linux-container: Add #:guest-uid and #:guest-gid to 'eval/container'., guix-commits <=
- 04/04: news: Add entry about 'guix home container'., guix-commits, 2022/03/19

Prev by Date: 03/04: guix home: Add 'container' command.
Next by Date: branch master updated (b45a301618 -> a58defdae8)
Previous by thread: 03/04: guix home: Add 'container' command.
Next by thread: 04/04: news: Add entry about 'guix home container'.
Index(es):
- Date
- Thread