diff options
author | Mathieu Othacehe <othacehe@gnu.org> | 2020-08-13 13:59:19 +0200 |
---|---|---|
committer | Mathieu Othacehe <othacehe@gnu.org> | 2020-09-02 17:05:23 +0200 |
commit | 5316dfc0f125b658e4a2acf7f00f49501663d943 (patch) | |
tree | 465a2b2b30bbf2f47a904311e30986ada4a263dc /gnu | |
parent | 22827396baea149f193f6e9558b522e6d9c89a44 (diff) | |
download | guix-5316dfc0f125b658e4a2acf7f00f49501663d943.tar.gz |
linux-container: Do not jail the container unconditionally.
We may want to run a container inside the MNT namespace, without jailing the container. If RUN-CONTAINER is passed a null MOUNTS list, do not jail the container. * gnu/build/linux-container.scm (run-container): Do not call MOUNT-FILE-SYSTEMS if MOUNTS list is empty.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/build/linux-container.scm | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/gnu/build/linux-container.scm b/gnu/build/linux-container.scm index 87695c98fd..21292b8d2f 100644 --- a/gnu/build/linux-container.scm +++ b/gnu/build/linux-container.scm @@ -243,7 +243,8 @@ that host UIDs (respectively GIDs) map to in the namespace." (match (read child) ('ready (purify-environment) - (when (memq 'mnt namespaces) + (when (and (not (null? mounts)) + (memq 'mnt namespaces)) (catch #t (lambda () (mount-file-systems root mounts |