Commit a8a4a4a2 authored by Ludovic Courtès's avatar Ludovic Courtès
Browse files

kernel: Don't mount '%network-file-systems' in the container.

* guix/jupyter/kernel.scm (%network-file-systems): Remove.
(spawn-kernel/container)[mounts]: Remove %NETWORK-FILE-SYSTEMS.
* guix/jupyter/containers.scm (eval/container*)[run-guile]: Create /etc.
parent c8e679ce
......@@ -23,6 +23,7 @@
#:use-module (gnu system linux-container)
#:use-module (gnu build linux-container)
#:use-module (gnu build accounts)
#:use-module ((guix build utils) #:select (mkdir-p))
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:export (eval/container*))
......@@ -68,6 +69,7 @@ namespace. Return the process' PID."
(gid guest-gid))
(group-entry (gid 65534) ;the overflow GID
(name "overflow")))))
(mkdir-p "/etc")
(write-passwd users)
(write-group groups))
......
......@@ -67,15 +67,6 @@
;;; Running a kernel in a container.
;;;
(define %network-file-systems
;; The list of <file-system> objects corresponding to bind-mounts required
;; for networking.
(filter-map (lambda (mapping)
(let ((fs (file-system-mapping->bind-mount mapping)))
(and (file-exists? (file-system-device fs))
fs)))
%network-file-mappings))
(define (module-to-import? name)
"Return true if NAME (a list of symbols) denotes a module that should be
imported."
......@@ -167,7 +158,7 @@ monadic value, a <kernel> connected to that process."
(type "none")
(check? #f)
(flags '(bind-mount)))
(append %container-file-systems %network-file-systems)))
%container-file-systems))
(define namespaces
;; XXX: Since we'll talk to KERNEL over TCP/IP (due to the fact that we
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment