[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/02: environment: '--container' honors '--preserve'.
|
From: |
guix-commits |
|
Subject: |
01/02: environment: '--container' honors '--preserve'. |
|
Date: |
Thu, 3 Oct 2019 17:49:30 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit 5a02f8e3842c19d28f39e5b47d804ef70e1b3160
Author: Ludovic Courtès <address@hidden>
Date: Thu Oct 3 22:19:11 2019 +0200
environment: '--container' honors '--preserve'.
* guix/scripts/environment.scm (launch-environment/container): Add
#:white-list parameter and honor it.
(guix-environment): Pass #:white-list to 'launch-environment/container'.
* tests/guix-environment-container.sh: Add test.
---
guix/scripts/environment.scm | 19 +++++++++++++++++--
tests/guix-environment-container.sh | 5 +++++
2 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm
index 535f181..4a51654 100644
--- a/guix/scripts/environment.scm
+++ b/guix/scripts/environment.scm
@@ -452,7 +452,7 @@ regexps in WHITE-LIST."
(define* (launch-environment/container #:key command bash user user-mappings
profile manifest link-profile? network?
- map-cwd?)
+ map-cwd? (white-list '()))
"Run COMMAND within a container that features the software in PROFILE.
Environment variables are set according to the search paths of MANIFEST.
The global shell is BASH, a file name for a GNU Bash binary in the
@@ -461,7 +461,10 @@ USER-MAPPINGS, a list of file system mappings, contains
the user-specified
host file systems to mount inside the container. If USER is not #f, each
target of USER-MAPPINGS will be re-written relative to '/home/USER', and USER
will be used for the passwd entry. LINK-PROFILE? creates a symbolic link from
-~/.guix-profile to the environment profile."
+~/.guix-profile to the environment profile.
+
+Preserve environment variables whose name matches the one of the regexps in
+WHILE-LIST."
(define (optional-mapping->fs mapping)
(and (file-exists? (file-system-mapping-source mapping))
(file-system-mapping->bind-mount mapping)))
@@ -487,6 +490,11 @@ will be used for the passwd entry. LINK-PROFILE? creates
a symbolic link from
(group-entry (gid 65534) ;the overflow GID
(name "overflow"))))
(home-dir (password-entry-directory passwd))
+ (environ (filter (match-lambda
+ ((variable . value)
+ (find (cut regexp-exec <> variable)
+ white-list)))
+ (get-environment-variables)))
;; Bind-mount all requisite store items, user-specified mappings,
;; /bin/sh, the current working directory, and possibly networking
;; configuration files within the container.
@@ -555,6 +563,12 @@ will be used for the passwd entry. LINK-PROFILE? creates
a symbolic link from
(override-user-dir user home cwd)
home-dir))
+ ;; Set environment variables that match WHITE-LIST.
+ (for-each (match-lambda
+ ((variable . value)
+ (setenv variable value)))
+ environ)
+
(primitive-exit/status
;; A container's environment is already purified, so no need to
;; request it be purified again.
@@ -759,6 +773,7 @@ message if any test fails."
#:user-mappings mappings
#:profile profile
#:manifest manifest
+ #:white-list white-list
#:link-profile? link-prof?
#:network? network?
#:map-cwd? (not no-cwd?))))
diff --git a/tests/guix-environment-container.sh
b/tests/guix-environment-container.sh
index 32a5ba1..d313f2e 100644
--- a/tests/guix-environment-container.sh
+++ b/tests/guix-environment-container.sh
@@ -44,6 +44,11 @@ else
test $? = 42
fi
+# Make sure '--preserve' is honored.
+result="`FOOBAR=42; export FOOBAR; guix environment -C --ad-hoc --bootstrap \
+ guile-bootstrap -E ^FOO -- guile -c '(display (getenv \"FOOBAR\"))'`"
+test "$result" = "42"
+
# By default, the UID inside the container should be the same as outside.
uid="`id -u`"
inner_uid="`guix environment -C --ad-hoc --bootstrap guile-bootstrap \