- (close out)
- (let ((result (read in)))
- (close in)
- (and (zero? (match (waitpid pid)
- ((_ . status)
- (status:exit-val status))))
- (eq? #t result))))))))
+ (close child)
+ (match (read parent)
+ ('ready
+ ;; Set up the UID/GID mapping so that we can mkdir on the tmpfs:
+ ;; <https://bugzilla.kernel.org/show_bug.cgi?id=183461>.
+ (call-with-output-file (format #f "/proc/~d/setgroups" pid)
+ (lambda (port)
+ (display "deny" port)))
+ (call-with-output-file (format #f "/proc/~d/uid_map" pid)
+ (lambda (port)
+ (format port "0 ~d 1" (getuid))))
+ (call-with-output-file (format #f "/proc/~d/gid_map" pid)
+ (lambda (port)
+ (format port "0 ~d 1" (getgid))))
+ (display "go!\n" parent)
+ (let ((result (read parent)))
+ (close parent)
+ (and (zero? (match (waitpid pid)
+ ((_ . status)
+ (status:exit-val status))))
+ result)))))))))