#:use-module (guix scripts build)
#:use-module (gnu build linux-container)
#:use-module (gnu build accounts)
+ #:use-module ((guix build syscalls) #:select (set-network-interface-up))
#:use-module (gnu system linux-container)
#:use-module (gnu system file-systems)
#:use-module (gnu packages)
#:use-module (srfi srfi-26)
#:use-module (srfi srfi-37)
#:use-module (srfi srfi-98)
- #:export (guix-environment))
+ #:export (assert-container-features
+ guix-environment))
;; Protect some env vars from purification. Borrowed from nix-shell.
(define %precious-variables
(newline)
(show-build-options-help)
(newline)
- (show-transformation-options-help)
- (newline)
(display (G_ "
-h, --help display this help and exit"))
(display (G_ "
(group-entry (gid 65534) ;the overflow GID
(name "overflow"))))
(home-dir (password-entry-directory passwd))
+ (logname (password-entry-name passwd))
(environ (filter (match-lambda
((variable . value)
(find (cut regexp-exec <> variable)
;; The same variables as in Nix's 'build.cc'.
'("TMPDIR" "TEMPDIR" "TMP" "TEMP"))
+ ;; Some programs expect USER and/or LOGNAME to be set.
+ (setenv "LOGNAME" logname)
+ (setenv "USER" logname)
+
;; Create a dummy home directory.
(mkdir-p home-dir)
(setenv "HOME" home-dir)
(write-passwd (list passwd))
(write-group groups)
+ (unless network?
+ ;; When isolated from the network, provide a minimal /etc/hosts
+ ;; to resolve "localhost".
+ (call-with-output-file "/etc/hosts"
+ (lambda (port)
+ (display "127.0.0.1 localhost\n" port)))
+
+ ;; Allow local AF_INET communications.
+ (set-network-interface-up "lo"))
+
;; For convenience, start in the user's current working
;; directory or, if unmapped, the home directory.
(chdir (if map-cwd?
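Review bot: The `/etc/hosts` created in the `unless network?` branch keeps whatever mode the process umask yields, so any program in the container can later rewrite how "localhost" resolves. Calling `(chmod port #o444)` inside the lambda, after the `display`, would leave it read-only, as a system-provided file normally is. The file also maps only `127.0.0.1`, in line with the AF_INET comment, so software that looks up "localhost" over IPv6 finds no entry; adding `(display "::1 localhost\n" port)` would cover that case, assuming the loopback interface gets an IPv6 address in the new namespace. The enclosing procedure starts and ends outside the hunk, so it is not possible to check from here whether a user-supplied mapping could already have put a file at `/etc/hosts` before this write.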
(primitive-exit/status
;; A container's environment is already purified, so no need to
;; request it be purified again.
- (launch-environment command profile manifest #:pure? #f)))
+ (launch-environment command
+ (if link-profile?
+ (string-append home-dir "/.guix-profile")
+ profile)
+ manifest #:pure? #f)))
#:guest-uid uid
#:guest-gid gid
#:namespaces (if network?
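Review bot: The new `(if link-profile? ...)` argument to `launch-environment` has no comment; the one above it only explains `#:pure? #f`. I would add something like `;; With 'link-profile?', set up the environment from ~/.guix-profile so that variables refer to the symlink rather than to the store item.`, adjusted to the actual intent. The change also makes the launched environment depend on a link under `home-dir`, which is writable, rather than on the store path in `profile`. The link is presumably created earlier in the same thunk, outside this hunk, so it is worth confirming that it always exists and points at `profile` by the time this call runs. The enclosing form starts and ends outside the hunk.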
;;; Entry point.
;;;
-(define (guix-environment . args)
+(define-command (guix-environment . args)
+ (category development)
+ (synopsis "spawn one-off software environments")
+
(with-error-handling
(let* ((opts (parse-args args))
(pure? (assoc-ref opts 'pure))
(with-store store
(with-build-handler (build-notifier #:use-substitutes?
(assoc-ref opts 'substitutes?)
+ #:verbosity
+ (assoc-ref opts 'verbosity)
#:dry-run?
(assoc-ref opts 'dry-run?))
(with-status-verbosity (assoc-ref opts 'verbosity)