me
/
guix
Archived
1
0
Fork 0

linux-container: Pass '--disable-chroot' to 'guix-daemon'.

This allows for the use of Guix within a non-privileged Docker container
produced by 'guix system image -t docker'.

* gnu/system/linux-container.scm (containerized-operating-system):
Change 'guix-configuration' to add "--disable-chroot".
master
Ludovic Courtès 2023-06-16 10:52:58 +02:00
parent deeee98a50
commit ed5a9f5260
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
1 changed files with 12 additions and 1 deletions

View File

@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org> ;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2016-2017, 2019-2022 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016-2017, 2019-2023 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2019 Arun Isaac <arunisaac@systemreboot.net> ;;; Copyright © 2019 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2020 Google LLC ;;; Copyright © 2020 Google LLC
@ -160,6 +160,17 @@ containerized OS. EXTRA-FILE-SYSTEMS is a list of file systems to add to OS."
(nscd-configuration (nscd-configuration
(inherit (service-value s)) (inherit (service-value s))
(caches %nscd-container-caches)))) (caches %nscd-container-caches))))
((eq? guix-service-type (service-kind s))
;; Pass '--disable-chroot' so that
;; guix-daemon can build thing even in
;; Docker without '--privileged'.
(service guix-service-type
(guix-configuration
(inherit (service-value s))
(extra-options
(cons "--disable-chroot"
(guix-configuration-extra-options
(service-value s)))))))
(else s))) (else s)))
(operating-system-user-services os)))) (operating-system-user-services os))))
(file-systems (append (map mapping->fs (file-systems (append (map mapping->fs