986e734298113f9782f4ef7a238b12274bacde1e — David Arroyo 1 year, 4 months ago 6bbfa76
Add generic support for lower-able objects, with example.
2 files changed, 53 insertions(+), 2 deletions(-)

M aqwari/namespace.scm
A example/my-ns.scm
M aqwari/namespace.scm => aqwari/namespace.scm +5 -2
@@ 93,8 93,7 @@ string of key=value parameters for tmpfs(5)"
    (((? string? target) (? gexp? source))
     (make-bind-mount target source))

    ;; This is for convenience, so users don't have to wrap each package
    ;; in a gexp. We also mount any propagated inputs, so they are present
    ;; For packages, mount any propagated inputs, so they are present
    ;; in the resulting namespace.
    (((? string? target) (? package? pkg))
     (apply values

@@ 111,6 110,10 @@ string of key=value parameters for tmpfs(5)"
    (((? string? target) ((? string? pkgname) (? package? pkg) (? string? output)))
     (make-bind-mount target (gexp (ungexp pkg output))))

    ;; handles local-file, computed-file, plain-file and friends
    (((? string? target) (? file-like? obj))
     (bind->mount target (gexp (ungexp obj))))

    (((? string? target) ($ <tmpfs-mount> _ options))
     (make-tmpfs-mount target options))
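Review bot: The comment on the new `file-like?` clause lists the accepted types but does not say that everything matched here is lowered into the store before it is mounted. Store items are readable by every local user, so a `local-file` pointing at a key or credentials file would be copied somewhere world-readable; binding such a file by host path avoids that. A comment such as `;; file-like objects (local-file, plain-file, ...) are lowered into the world-readable store; bind secrets by host path instead` would cover it. The clause also appears to rely on coming after the `package?` clauses, since packages presumably satisfy `file-like?` as well, and that ordering deserves a word in the comment. The enclosing match expression starts and ends outside the hunk.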

A example/my-ns.scm => example/my-ns.scm +48 -0
@@ 0,0 1,48 @@
;; To use:
;; 	guix build -f my-ns.scm
;; will produce the binary /gnu/store/xxx-namespace/exec
;; you can then run
;; 	$(guix build -f my-ns.scm)/exec /bin/sh
;; which will construct a mount namespace based on the
;; body of the (namespace ...) macro below, make it the
;; new root directory, and execv(2) into /bin/sh.
  (aqwari namespace)
  (guix gexp)

  (gnu packages base)
  (gnu packages busybox)
  (gnu packages certs)
  (gnu packages linux))

  ;; You can include any number of other namespaces.
  (include %namespace-minimal)

  ;; Binding a path with no arguments binds that path in
  ;; the parent namespace to the same path in the new
  ;; namespace
  (bind "/etc/resolv.conf")

  ;; (bind (p1 ... pN)) is equivalent to (bind p1) ... (bind pN)
  (bind '("/etc/gai.conf" "/etc/services"))
  (bind '("/etc/passwd" "/etc/group" "/etc/nsswitch.conf"))

  (bind "/tmp/" (tmpfs "size=100M"))

  ;; You can bind a file or directory to anything with a gexp compiler.
  (bind "/etc/hosts" (plain-file "hosts" " localhost\n"))

  ;; You can bind multiple G-expressions or packages to the
  ;; same directory. An overlay mount will be created with
  ;; multiple lowerdir paths. This can be done with multiple
  ;; (bind) expressions or a single (bind) expression with a
  ;; list of sources.
  (bind "/" (list busybox util-linux iproute))

  ;; Including a tmpfs mount makes the overlay writable.
  (bind "/" (tmpfs "nr_blocks=100k")))
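Review bot: The `/etc/hosts` example binds `(plain-file "hosts" " localhost\n")`, whose only line has no address field, so it would not give the namespace a usable localhost mapping. Unless the address was simply lost when the page was rendered, the line should read `(bind "/etc/hosts" (plain-file "hosts" "127.0.0.1 localhost\n"))`. The comment above it could also say that `plain-file` content ends up in /gnu/store, so this form suits non-secret files only.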