gnu: system: Add Linux container file systems.

* gnu/system/file-systems.scm (%container-file-systems): New variable.
David Thompson 2015-06-28 00:42:16 -04:00 committed by David Thompson
parent c1f6a0c2ed
commit c829bc80bd
1 changed files with 40 additions and 0 deletions


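--- a/gnu/system/file-systems.scm
+++ b/gnu/system/file-systems.scm
@@ -45,6 +45,7 @@
 %control-groups
 %base-file-systems
+%container-file-systems
 mapped-device
 mapped-device?
@@ -198,6 +199,45 @@ initrd code."
 %immutable-store)
 %control-groups))
+;; File systems for Linux containers differ from %base-file-systems in that
+;; they impose additional restrictions such as no-exec or need different
+;; options to function properly.
+;;
+;; The file system flags and options conform to the libcontainer
+;; specification:
+;; https://github.com/docker/libcontainer/blob/master/SPEC.md#filesystem
+(define %container-file-systems
+(list
+;; Psuedo-terminal file system.
+(file-system
+(device "none")
+(mount-point "/dev/pts")
+(type "devpts")
+(flags '(no-exec no-suid))
+(needed-for-boot? #t)
+(create-mount-point? #t)
+(check? #f)
+(options "newinstance,ptmxmode=0666,mode=620"))
+;; Shared memory file system.
+(file-system
+(device "tmpfs")
+(mount-point "/dev/shm")
+(type "tmpfs")
+(flags '(no-exec no-suid no-dev))
+(options "mode=1777,size=65536k")
+(needed-for-boot? #t)
+(create-mount-point? #t)
+(check? #f))
+;; Message queue file system.
+(file-system
+(device "mqueue")
+(mount-point "/dev/mqueue")
+(type "mqueue")
+(flags '(no-exec no-suid no-dev))
+(needed-for-boot? #t)
+(create-mount-point? #t)
+(check? #f))))
 ;;;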
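Review bot: The `/dev/pts` entry mounts devpts with `mode=620` but no `gid=` option, so the group-write bit on each new pty slave goes to the primary group of whichever process opens it rather than to a dedicated tty group. The header comment says the flags and options conform to the libcontainer specification, and as far as I recall that spec also gives a gid for this mount, so the difference should be checked against the linked document. If leaving it out is deliberate, record that next to the entry, e.g. `;; No gid= option: slaves keep the opener's group. no-dev is omitted because devpts must expose device nodes.`; otherwise add the tty group's gid to the options string. Separately, "Psuedo-terminal" in that entry's comment should read "Pseudo-terminal".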