From c06f6db7a424fd47e3cd2625dbfda2367316f3bd Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 30 May 2016 22:44:58 +0200 Subject: container: Gracefully report mount errors in the child process. Fixes . * gnu/build/linux-container.scm (run-container): Use 'socketpair' instead of 'pipe'. Rename 'in' to 'child' and 'out' to 'parent'. Send a 'ready message or an exception argument list from the child to the parent; adjust the parent accordingly. * tests/containers.scm ("call-with-container, mnt namespace, wrong bind mount"): New test. * tests/guix-environment-container.sh: Add test with --expose=/does-not-exist. --- gnu/build/linux-container.scm | 42 ++++++++++++++++++++++++++++++------------ 1 file changed, 30 insertions(+), 12 deletions(-) (limited to 'gnu/build') diff --git a/gnu/build/linux-container.scm b/gnu/build/linux-container.scm index 562d50bcc7..91996d06ca 100644 --- a/gnu/build/linux-container.scm +++ b/gnu/build/linux-container.scm @@ -205,35 +205,53 @@ host user identifiers to map into the user namespace." ;; The parent process must initialize the user namespace for the child ;; before it can boot. To negotiate this, a pipe is used such that the ;; child process blocks until the parent writes to it. - (match (pipe) - ((in . out) + (match (socketpair PF_UNIX SOCK_STREAM 0) + ((child . parent) (let ((flags (namespaces->bit-mask namespaces))) (match (clone flags) (0 (call-with-clean-exit (lambda () - (close out) + (close-port parent) ;; Wait for parent to set things up. - (match (read in) + (match (read child) ('ready - (close in) (purify-environment) (when (memq 'mnt namespaces) - (mount-file-systems root mounts - #:mount-/proc? (memq 'pid namespaces) - #:mount-/sys? (memq 'net namespaces))) + (catch #t + (lambda () + (mount-file-systems root mounts + #:mount-/proc? (memq 'pid namespaces) + #:mount-/sys? (memq 'net + namespaces))) + (lambda args + ;; Forward the exception to the parent process. + (write args child) + (primitive-exit 3)))) ;; TODO: Manage capabilities. + (write 'ready child) + (close-port child) (thunk)) (_ ;parent died or something (primitive-exit 2)))))) (pid + (close-port child) (when (memq 'user namespaces) (initialize-user-namespace pid host-uids)) ;; TODO: Initialize cgroups. - (close in) - (write 'ready out) - (close out) - pid)))))) + (write 'ready parent) + (newline parent) + + ;; Check whether the child process' setup phase succeeded. + (let ((message (read parent))) + (close-port parent) + (match message + ('ready ;success + pid) + (((? symbol? key) args ...) ;exception + (apply throw key args)) + (_ ;unexpected termination + #f))))))))) (define* (call-with-container mounts thunk #:key (namespaces %namespaces) (host-uids 1)) -- cgit 1.4.1