From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 19 10:06:47 2023 Received: (at submit) by debbugs.gnu.org; 19 Feb 2023 15:06:47 +0000 Received: from localhost ([127.0.0.1]:49470 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pTlH4-0001yr-UN for submit@debbugs.gnu.org; Sun, 19 Feb 2023 10:06:47 -0500 Received: from lists.gnu.org ([209.51.188.17]:34008) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pTlH2-0001yh-KJ for submit@debbugs.gnu.org; Sun, 19 Feb 2023 10:06:45 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pTlH2-0002nw-Cx for bug-guix@gnu.org; Sun, 19 Feb 2023 10:06:44 -0500 Received: from mout.gmx.net ([212.227.17.22]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pTlH0-0001gV-IJ for bug-guix@gnu.org; Sun, 19 Feb 2023 10:06:44 -0500 Received: from labiere ([82.69.64.142]) by mail.gmx.net (mrgmx105 [212.227.17.174]) with ESMTPSA (Nemesis) id 1MIx3C-1pDs0r2BsQ-00KPil for ; Sun, 19 Feb 2023 16:06:39 +0100 User-agent: mu4e 1.8.13; emacs 28.2 From: Pierre Langlois To: bug-guix@gnu.org Subject: Cannot start a container built with `guix system container --network'. Date: Sun, 19 Feb 2023 14:58:29 +0000 Message-ID: <87a619u22x.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Provags-ID: V03:K1:wWaEs8X1Ig50I0fDFfHGqp1AVwJE1mXdkXnY7YnYSbiIfZxNCU0 +ZR5ZSxo0VzMPOclrmm2KsAXAWJfbAHgI8rlFDeF3JNCaLQEUR1brXFdKSiplhXnsPN4vdR bjFgEAc3h282cNksvcPtwpLK7wIMVVe8QeQau1uMOeIRExLSHREEAomfi/M0Fg93rVd3fyx Y3Z6l8wG2v158TlV4w3UQ== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:AHxoSS2AKNY=;PJY0fdFlNTL9PiJL/IkADFMEa+d kILV0dU5i0VpVC8ngryAVVJWtzdXEyZmd4PPrTbtjDumEqmbFqmLkhD3qj+paRidni9pQM1vY Rc4eFvyMGAXXZ4RX45lnEKD16zD9LX5jzjPgMypkvcXZModhK77dxcOCLL2ZxHCuW/SE/kqp/ pALlY0CZoWnkYAa33rVae+DKMhVJ39cT4bspL8Uqt7J2IwMsP3ZbGSAm+vS3QT/YjcLz/Pa12 lZx4WXNB9C8EP9/jLZNfGVEn0AvYvAd42WwSqPTtHBtPk6azZBoF4JTC+Pdy9ctqYdafG+txV HnAUa5GI2Y0V53LcSHktrVDfwdfTe/h/GWTmYs7S5fL+cNPlgPFzWpwsSaSnvcgksqNC5k8e9 nqV+hmFd8ZFdKFn3uymUXiGt8Lbz7/j0NpAi4vn0UwASgSVT578Lk7aVLr3AbaIochAq3jLn6 5LB+DJddW1nYPjrGZcaKTKxKsv6MTVpX/mlPJ5iWM5+p11mpLU4kn0mW67WlJ9rf7tLsb1/g4 S1NIozVO+V5FEJdw4GR2AYiL8zhgmlYrqNTng9B2GwAiyLB/9fjq7u1xw1rJUFTySBcDgu9dJ ZwPRbkb8Bo273ar/PKlJ2t4sjTD1gsk9w/OYJVYC5GDd79xYyFWNitHuknaLRlXAOv3WFibH3 BDb6/kLXYkCo7Q9UEq0nLQwI6y8pqu8fF8MjgzLInTMlNOpxze+THf+yjwQTgDfUo5T4K60Pf mU+spHIWivhhB4zL3gyfgM4IOY1W+dUhBjURY99h2XUujCtJDr5OLjQs6MJ/aYtAtLZlKX61b bVSztQJkvRboS82aAjwwa8uClFo1YMZ2v5s3/gu9Ws2pzldPul6JXRZ0DLMfmaBK3eM3OHLVq LjK3ABMAJ2qPsl6PEWzCHe6W/kOjJ3AzBiGIymMS4TE/nzDu29AhiiBUCEr5I4NvnLVMYUgi2 Y8lPQCRpE+UG95vgxTxZWfw7b6M= Received-SPF: pass client-ip=212.227.17.22; envelope-from=pierre.langlois@gmx.com; helo=mout.gmx.net X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Guix! There seems to be a bug with the --network flag to `guix system container', if we try to use docker-image.tmpl as an example we get the following failure: =2D-8<---------------cut here---------------start------------->8--- $ sudo `guix system container -v3 --network gnu/system/examples/docker-imag= e.tmpl` Password: system container is running as PID 17630 WARNING: (guile-user): imported module (guix build utils) overrides core bi= nding `delete' Run 'sudo guix container exec 17630 /run/current-system/profile/bin/bash --= login' or run 'sudo nsenter -a -t 17630' to get a shell into it. WARNING: (guile-user): imported module (guix build utils) overrides core bi= nding `delete' making '/gnu/store/2w0c609is7iilv6r2l1vrchb9qsbfgkp-system' the current sys= tem... WARNING: (guile-user): imported module (guix build utils) overrides core bi= nding `delete' setting up setuid programs in '/run/setuid-programs'... populating /etc from /gnu/store/ywsdjyq161a2clhvz6kx5m4ppz5ziqp1-etc... Backtrace: 11 (primitive-load "/gnu/store/5wdqg0jpiw1zd9pn13wmzy3f85g=E2=80= =A6") In gnu/build/linux-container.scm: 300:8 10 (call-with-temporary-directory #) 397:16 9 (_ "/tmp/guix-directory.KgjoQ6") 62:6 8 (call-with-clean-exit #) In unknown file: 7 (primitive-load "/gnu/store/2w0c609is7iilv6r2l1vrchb9qs=E2=80= =A6") In ice-9/eval.scm: 619:8 6 (_ #f) In unknown file: 5 (primitive-load "/gnu/store/xfd58fw9x65n7wr5kw2gnciszkl=E2=80= =A6") In srfi/srfi-1.scm: 634:9 4 (for-each # _) In unknown file: 3 (primitive-load "/gnu/store/3gwb0jydx90f61a6kizawsjdi6h=E2=80= =A6") In srfi/srfi-1.scm: 634:9 2 (for-each # =E2=80=A6) In gnu/build/activation.scm: 268:20 1 (_ "hosts") In unknown file: 0 (copy-file "/etc/static/hosts" "/etc/hosts") ERROR: In procedure copy-file: In procedure copy-file: Read-only file system =2D-8<---------------cut here---------------end--------------->8--- Doing a git bisect, the problem started with this commit it seems: 802ea1f3a43e5fb8d0b8bd2882954d8a6e49cde6 =2D-8<---------------cut here---------------start------------->8--- system: Deprecate hosts-file. * gnu/system.scm (operating-system-hosts-file): Deprecate procedure. (warn-hosts-file-field-deprecation): New procedure, helper for deprecated variable. (operating-system)[hosts-file]: Use helper to warn deprecated field. (local-host-aliases): Mark as deprecated. (local-host-entries): New procedure. (operating-system-default-essential-services, hurd-default-essential-services): Use hosts-service-type. Use '%operating-system-hosts-file' and 'local-host-entries'. (default-/etc/hosts): Remove procedure. (operating-system-etc-service): Remove hosts file. * doc/guix.texi (operating-system Reference) (Networking Services) (Virtualization Services): Rewrite documentation entries to use hosts-service-type. =2D-8<---------------cut here---------------end--------------->8--- Thanks! Pierre --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmPyOvYYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31URDcH/RYw3nPHCM6Tb7wqW6DSeo+K 54TA8TvmlucVmyIrNDAA0TY79INGHkPza/aUZLfwjBv6+w4ARIUnDJwAKrpELl4X 5ro2uXyAr1r7ENGPXTjPxlNA0EsY3HV/JTbOvTJqe1J/6eoobsjNGVJ9T0HqMV1W GlsGTMV6VMVHmTfJ6KQIX/mYJam32g3T7TgPK1LbCeyGz2Sb7OO5ib4m1xt0GtxW XcNjYcLGtNxMrsEORBimk3TISNroUMJXvNg/DUybHyg7dclpfTlONbqyaNSVL069 APuJAfODRM2RGhyWtegml+WrlwWu3T5WofXMdg40kGtlBlpATWuZlnW/ORP//as= =VH6S -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 19 10:32:30 2023 Received: (at 61627) by debbugs.gnu.org; 19 Feb 2023 15:32:30 +0000 Received: from localhost ([127.0.0.1]:49500 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pTlfy-0002nr-7y for submit@debbugs.gnu.org; Sun, 19 Feb 2023 10:32:30 -0500 Received: from mout.gmx.net ([212.227.17.20]:46469) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pTlfw-0002nU-QZ for 61627@debbugs.gnu.org; Sun, 19 Feb 2023 10:32:29 -0500 Received: from labiere ([82.69.64.142]) by mail.gmx.net (mrgmx104 [212.227.17.174]) with ESMTPSA (Nemesis) id 1MdefJ-1ouyxD2XT7-00Zk9M for <61627@debbugs.gnu.org>; Sun, 19 Feb 2023 16:32:22 +0100 References: <87a619u22x.fsf@gmx.com> User-agent: mu4e 1.8.13; emacs 28.2 From: Pierre Langlois To: 61627@debbugs.gnu.org Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. Date: Sun, 19 Feb 2023 15:29:20 +0000 In-reply-to: <87a619u22x.fsf@gmx.com> Message-ID: <873571u0vx.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Provags-ID: V03:K1:bQ0V7QtWmZbNNtyvgmpjF3d53XjlVWbbF2FPqOJFR1k3NS6qkwL EvNqhMqVR8VRy45GGTktLxG45dHbyE2SuZsU5QgEtH6f1WLkSRsmyqBiZEKxf5vjAl3h2mG pKWJgyxRloHbuZM3QSgQ0mwgMksbUudg2qKjiwOHH+7bG2OpxR0140WPfZ5xk/e1pRxUr5x jv7RvZhyWQO7CbBEZXxhw== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:CkSD+mHIBCQ=;zQCLiWF+gsd7sdehKTls3q0CHm+ ez1OAx/QBCDDAsliBTF+BT5R+gFB7ozELuUCP17HTlRf97QsaqJPgl1Epf3ymKv+AB44f+LHH l97Lghv6e91HwmEX6JojGVOqfpqNS9TF0GIQHMsqKId0QDGq4DAi9PK3HaeLS8JTbMY8cggux 5OpbkkJ4vJdeTKc+zpXHquergiUCFWvpPuFzZdR02gVl5Roay8CIVVw8uOyO5aTo6UDjaNv5B 4zG9gT/kV99JTrCNj7mEnFCXLMm1+sGd+qmIAqUI3ZxAt+qOklvorz7qB3uf7X0tphMaCc5NS hCKU55gosQPtDTsbaAwtvhcANtl4xiqNc1lZE8CFTGlIMdOeZIcETFxMHohDEMv5anZwuGGkb xWDE39QMBh5aCbY8t49KhfIXJ6tZixjRD/BLz5P1ySabAS/MVppqvVB4fbINll23V+lYHaliz nLK9FuaaGjCgDsEsEV4rUrn2vtfPUcWyUXlW0Shm5c0hCE0rDs0jArPM1yTLM067w2adObt/O ZcfrO8vxll1L0zqJuOuxSP0JzMFxfmguXQ/Wfc7RfeSFuU8p+rqQ0AVCNdW3zibZIC5V8T6Aj O+qG5kQrvuaNyvOIEIctKQVTH2z2TruHxsZPelA21hbFumAf2cN10CCO5iSxWbrs0DfjZGLka 69zOx3LeJp1CRnbLRtFKMcGm1tYRc0DvaTLSAcTgBr3AOx2lq9vIzGVrNmITMJ9frb2/345wH oIHPFg+6jWmBW9rwTMolOrRS3Tcs0zPeUw4BgpOkRowzfJugKVLytqH417g0KduQkybqXQcL0 tw4kUIS+S1FM/pZ3oaw0oiPeUAQtZamP84Fswvgsj/Ja59p3QCxwDZmZKnUboPSwlQsHOueUX 4kGQyIhmipRppV17ShrXOSIrxtk2w8h0lEyOq6WtxRU2a9dh6PjI9zWdejLjrhbTpy0S5Acr+ KGUvnLuTRK829xiZmUxuLzBsauo= X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 61627 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Pierre Langlois writes: > [[PGP Signed Part:Undecided]] > Hi Guix! > > There seems to be a bug with the --network flag to `guix system > container', if we try to use docker-image.tmpl as an example we get the > following failure: > > $ sudo `guix system container -v3 --network gnu/system/examples/docker-im= age.tmpl` > Password: > system container is running as PID 17630 > WARNING: (guile-user): imported module (guix build utils) overrides core = binding `delete' > Run 'sudo guix container exec 17630 /run/current-system/profile/bin/bash = --login' > or run 'sudo nsenter -a -t 17630' to get a shell into it. > > WARNING: (guile-user): imported module (guix build utils) overrides core = binding `delete' > making '/gnu/store/2w0c609is7iilv6r2l1vrchb9qsbfgkp-system' the current s= ystem... > WARNING: (guile-user): imported module (guix build utils) overrides core = binding `delete' > setting up setuid programs in '/run/setuid-programs'... > populating /etc from /gnu/store/ywsdjyq161a2clhvz6kx5m4ppz5ziqp1-etc... > Backtrace: > 11 (primitive-load "/gnu/store/5wdqg0jpiw1zd9pn13wmzy3f85g=E2= =80=A6") > In gnu/build/linux-container.scm: > 300:8 10 (call-with-temporary-directory #) > 397:16 9 (_ "/tmp/guix-directory.KgjoQ6") > 62:6 8 (call-with-clean-exit #) > In unknown file: > 7 (primitive-load "/gnu/store/2w0c609is7iilv6r2l1vrchb9qs=E2= =80=A6") > In ice-9/eval.scm: > 619:8 6 (_ #f) > In unknown file: > 5 (primitive-load "/gnu/store/xfd58fw9x65n7wr5kw2gnciszkl=E2= =80=A6") > In srfi/srfi-1.scm: > 634:9 4 (for-each # _) > In unknown file: > 3 (primitive-load "/gnu/store/3gwb0jydx90f61a6kizawsjdi6h=E2= =80=A6") > In srfi/srfi-1.scm: > 634:9 2 (for-each # =E2=80=A6) > In gnu/build/activation.scm: > 268:20 1 (_ "hosts") > In unknown file: > 0 (copy-file "/etc/static/hosts" "/etc/hosts") > > ERROR: In procedure copy-file: > In procedure copy-file: Read-only file system > > > Doing a git bisect, the problem started with this commit it seems: > 802ea1f3a43e5fb8d0b8bd2882954d8a6e49cde6 > > system: Deprecate hosts-file. > > * gnu/system.scm (operating-system-hosts-file): Deprecate procedure. > (warn-hosts-file-field-deprecation): New procedure, helper for > deprecated variable. > (operating-system)[hosts-file]: Use helper to warn deprecated field. > (local-host-aliases): Mark as deprecated. > (local-host-entries): New procedure. > (operating-system-default-essential-services, > hurd-default-essential-services): Use hosts-service-type. Use > '%operating-system-hosts-file' and 'local-host-entries'. > (default-/etc/hosts): Remove procedure. > (operating-system-etc-service): Remove hosts file. > * doc/guix.texi (operating-system Reference) > (Networking Services) (Virtualization Services): Rewrite documentation > entries to use hosts-service-type. Digging into the container script code, I think the reason is that when sharing the network, it's supposed to remove any network-related services from the containerized operating system. And it's not aware of the new hosts-service-type. The following diff seems to fix the issue: =2D-8<---------------cut here---------------start------------->8--- diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index c2fd55d48e..9190d013bc 100644 =2D-- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -49,9 +49,12 @@ (define* (container-essential-services os #:key shared-n= etwork?) (define base (remove (lambda (service) (memq (service-kind service) =2D (list (service-kind %linux-bare-metal-service) =2D firmware-service-type =2D system-service-type))) + (cons* (service-kind %linux-bare-metal-service) + firmware-service-type + system-service-type + (if shared-network? + (list hosts-service-type) + '())))) (operating-system-default-essential-services os))) (cons (service system-service-type =2D-8<---------------cut here---------------end--------------->8--- I wonder if this is a full fix though, I see that we also remove network related configuration files, using `%network-configuration-files', and I wonder if "/etc/hosts" is still supposed to be there? =2D-8<---------------cut here---------------start------------->8--- (define %network-configuration-files ;; List of essential network configuration files. '("/etc/resolv.conf" "/etc/nsswitch.conf" "/etc/services" "/etc/hosts")) =2D-8<---------------cut here---------------end--------------->8--- --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmPyQQIYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31Uo5UH/ArQUZvVp9UYvirgW/5jVtWn tvZEtS9Tc3sVM61Po98voyTqGHHi7bga8ECgbpa0rtApST1g0TRsqAQthgDTlgHr P9sQplXpSOMXKfFFK1uj60wqJq2L3zXt4Qm210CETV6PprABUdgvyCLD59Bj+ccv p5sf74aJx85ujTx3gmI97Sas3MwW6Aw3GO4P1zN8PKWI6fnMCo+ZjBLz1elzbSuz tja+xqqNIjMpCdumnlLcCViODH23t0Mt3zy5NWppKxVQNTGyle8bH+yMI3r7kCFz NRmc5FbULFeAr8unTQEr4/Q/F40K7NawsO32i0dj/YhtGCSKWLjVe29VKwZ0/vg= =uOjq -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sun Feb 26 23:48:35 2023 Received: (at 61627) by debbugs.gnu.org; 27 Feb 2023 04:48:35 +0000 Received: from localhost ([127.0.0.1]:45625 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pWVRC-0004Mf-PC for submit@debbugs.gnu.org; Sun, 26 Feb 2023 23:48:35 -0500 Received: from mx.iit.it ([90.147.26.161]:37469 helo=es400ra01.iit.it) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pWO2a-0003yC-4o for 61627@debbugs.gnu.org; Sun, 26 Feb 2023 15:54:41 -0500 Received: from es400ra01.iit.it (127.0.0.1) id hvf3gq0171sj for <61627@debbugs.gnu.org>; Sun, 26 Feb 2023 21:54:35 +0100 (envelope-from ) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iit.it; s=mx; i=@iit.it; h=Received:Received:From:To:Subject:Date: Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding; bh=FQp4m5qpuhVgwASCcDSJ8BVu24op9sDYp4kjtZF1XKA=; b=AxceoHJAtHIlU Wsha3nB/e5LASjtOMmkwMiLwVCnm/Xzo1Z1kn4DDo14davrWwHZxpABtat+lccZH iqte7dqbvWeRK1Tb1Fj1pqOm3zee1BjmbhuThjwsKBOfgIUqOtqGbDmrEONN7rUk JFUP7fHRCcxZtc9u7bAjrryjrarW6E= Received: from mail.iit.it ([10.255.8.186]) by es400ra01.iit.it ([172.31.0.241]) (SonicWall 10.0.19.7431) with ESMTPS (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256/256) id o202302262054350185451-11; Sun, 26 Feb 2023 21:54:35 +0100 Received: from localhost (80.117.24.44) by iitmxwge020.iit.local (10.255.8.186) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.17; Sun, 26 Feb 2023 21:54:35 +0100 From: =?utf-8?Q?Nicol=C3=B2_Balzarotti?= To: <61627@debbugs.gnu.org> Subject: Cannot start a container built with `guix system container --network'. Date: Sun, 26 Feb 2023 21:54:34 +0100 Message-ID: <86edqc5er9.fsf@IITUVIPLAP024.mail-host-address-is-not-set> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Originating-IP: [80.117.24.44] X-ClientProxiedBy: IITMXWGE021.iit.local (10.255.8.187) To iitmxwge020.iit.local (10.255.8.186) X-Mlf-DSE-Version: 7077 X-Mlf-Rules-Version: s20230112191048; ds20200715013501; di20230221222152; ri20160318003319; fs20230223174059 X-Mlf-Smartnet-Version: 20210917223710 X-Mlf-Envelope-From: Nicolo.Balzarotti@iit.it X-Mlf-Version: 10.0.19.7431 X-Mlf-License: BSV_C_AP_T_R X-Mlf-UniqueId: o202302262054350185451 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 61627 X-Mailman-Approved-At: Sun, 26 Feb 2023 23:48:32 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi,=20 I'm on eb87d2c4 (just updated a 412(!) days old guix server O.o) and I can confirm this is still happening (btw, this is the only problem I had in upgrading, so great job guix) Thanks! Nicol=C3=B2 From debbugs-submit-bounces@debbugs.gnu.org Sun Mar 19 15:26:31 2023 Received: (at 61627) by debbugs.gnu.org; 19 Mar 2023 19:26:31 +0000 Received: from localhost ([127.0.0.1]:52784 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pdyfn-000584-6Q for submit@debbugs.gnu.org; Sun, 19 Mar 2023 15:26:31 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:52704) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pdyfj-00057q-Ot for 61627@debbugs.gnu.org; Sun, 19 Mar 2023 15:26:29 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Type:MIME-Version:Message-ID:Date: Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=LWXymXuWim11kwliRpYAldpfjxA2A+TL45uZDWFqWxk=; b=c3aSevPoMFbKZ4K0TUKsX7vLQj RqdEvZ3Jq8w9wOfhEiiZ07xmLUL8k5fXu1Bqou2I+9gqVxtHOkrgcPMi1onZhyK21GumNKsa2paKn D4aqt+jJHQ9xKg5ZSq7ArKQy7SA3AZkz2kHcOBIC4kj2lnR1rC5JX9gUBVJctUVAss7RFQKaPa3UE eGbBa6aYfVZQtIK/LeFSZ8pfZKdRZg+oRMBQ0e1KOj7OCMS7R30yhPioZfDsMIEEBIo+3xS7PPxVI nGdPGtivDmCRu03UvN/wiwOxktvaOOTU29SVPuiIYGS+PrNOxRve5ZdqbC/hiOimaQ2PkOd165UsD I6NI/Vlw==; Received: from [192.168.2.1] (port=36910 helo=localhost) by systemreboot.net with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1pdyfc-000bKD-0v; Mon, 20 Mar 2023 00:56:20 +0530 From: Arun Isaac To: 61627@debbugs.gnu.org, Bruno Victal , Ludovic =?utf-8?Q?Court=C3=A8s?= Subject: Re: Cannot start a container built with `guix system container --network'. Date: Sun, 19 Mar 2023 19:26:11 +0000 Message-ID: <873560bl0s.fsf@systemreboot.net> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 61627 Cc: Pierre Langlois X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Bruno and Ludo, This bug seems related to your commit 802ea1f3a43e5fb8d0b8bd2882954d8a6e49cde6 . Could you weigh in? https://issues.guix.gnu.org/61627 Thanks! Arun From debbugs-submit-bounces@debbugs.gnu.org Sun Mar 19 15:31:31 2023 Received: (at control) by debbugs.gnu.org; 19 Mar 2023 19:31:31 +0000 Received: from localhost ([127.0.0.1]:52803 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pdykc-0005IK-Sd for submit@debbugs.gnu.org; Sun, 19 Mar 2023 15:31:31 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:46792) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pdykZ-0005IA-Tm for control@debbugs.gnu.org; Sun, 19 Mar 2023 15:31:28 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Type:MIME-Version:Message-ID:Date: Subject:To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=FrwRjIZ+rfVYJyKyKhCOdVcNCSd04l78cjcyvSp/69c=; b=gQo/KAslbl4RYTzP2FszppMIyi PPOuMd2rZ74tJgMe/DSbswMQdsfCsNcTTWBC7sOpp4g6jn62kzVsFfMvf5CrUVERbaG2A1o36ifX6 PZ2GzC94z4s5XqB3hUB/FurhM8Do4a+c8dbLXJHXd3iPfIXVxKSqpxfwBZT4Gy7jo2+GTtUg1nnyW phGK8TlgjhdgAuS1GWZtvIQ2Rho/5p0940mtUcojPhnHKjsCXQeYrgfuw9e00lWPaHDC6eDfbeWi2 jP89NRjpAymyaXfx1YQKp8wNx9ZFgJWrdyk7apn4z//Nkif2781QW9lmCj9TSQlkU9maqowLeSgAL 2eOAWhZw==; Received: from [192.168.2.1] (port=38942 helo=localhost) by systemreboot.net with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1pdykU-000bLW-1D for control@debbugs.gnu.org; Mon, 20 Mar 2023 01:01:23 +0530 From: Arun Isaac To: control@debbugs.gnu.org Subject: Merge #61856 with #61627 Date: Sun, 19 Mar 2023 19:31:03 +0000 Message-ID: <87zg88a688.fsf@systemreboot.net> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) merge 61856 61627 thanks From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 20 13:46:43 2023 Received: (at 61627) by debbugs.gnu.org; 20 Mar 2023 17:46:43 +0000 Received: from localhost ([127.0.0.1]:56713 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1peJak-00060V-Mu for submit@debbugs.gnu.org; Mon, 20 Mar 2023 13:46:42 -0400 Received: from smtpm1.myservices.hosting ([185.26.105.232]:34720) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1peJai-0005zi-Tf for 61627@debbugs.gnu.org; Mon, 20 Mar 2023 13:46:41 -0400 Received: from mail1.netim.hosting (unknown [185.26.106.173]) by smtpm1.myservices.hosting (Postfix) with ESMTP id 1B1D72053D; Mon, 20 Mar 2023 18:46:38 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by mail1.netim.hosting (Postfix) with ESMTP id AD9378009A; Mon, 20 Mar 2023 18:46:32 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting Received: from mail1.netim.hosting ([127.0.0.1]) by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id TB9l8anU0pEf; Mon, 20 Mar 2023 18:46:32 +0100 (CET) Received: from [192.168.1.239] (unknown [10.192.1.83]) (Authenticated sender: lumen@makinata.eu) by mail1.netim.hosting (Postfix) with ESMTPSA id 059D280079; Mon, 20 Mar 2023 18:46:31 +0100 (CET) Message-ID: Date: Mon, 20 Mar 2023 17:46:23 +0000 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. Content-Language: en-US To: Pierre Langlois References: <87a619u22x.fsf@gmx.com> <873571u0vx.fsf@gmx.com> From: Bruno Victal In-Reply-To: <873571u0vx.fsf@gmx.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.1 (-) X-Debbugs-Envelope-To: 61627 Cc: arunisaac@systemreboot.net, =?UTF-8?Q?Ludovic_Court=c3=a8s?= , 61627@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.1 (--) Hi, On 2023-02-19 15:29, Pierre Langlois wrote: > > Pierre Langlois writes: > > Digging into the container script code, I think the reason is that when > sharing the network, it's supposed to remove any network-related > services from the containerized operating system. And it's not aware of > the new hosts-service-type. The following diff seems to fix the issue: > > --8<---------------cut here---------------start------------->8--- > diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm > index c2fd55d48e..9190d013bc 100644 > --- a/gnu/system/linux-container.scm > +++ b/gnu/system/linux-container.scm > @@ -49,9 +49,12 @@ (define* (container-essential-services os #:key shared-network?) > (define base > (remove (lambda (service) > (memq (service-kind service) > - (list (service-kind %linux-bare-metal-service) > - firmware-service-type > - system-service-type))) > + (cons* (service-kind %linux-bare-metal-service) > + firmware-service-type > + system-service-type > + (if shared-network? > + (list hosts-service-type) > + '())))) > (operating-system-default-essential-services os))) > > (cons (service system-service-type > --8<---------------cut here---------------end--------------->8--- > > I wonder if this is a full fix though, I see that we also remove network > related configuration files, using `%network-configuration-files', and I > wonder if "/etc/hosts" is still supposed to be there? > > --8<---------------cut here---------------start------------->8--- > (define %network-configuration-files > ;; List of essential network configuration files. > '("/etc/resolv.conf" > "/etc/nsswitch.conf" > "/etc/services" > "/etc/hosts")) > --8<---------------cut here---------------end--------------->8--- /etc/hosts is created by hosts-service-type, so if you remove that service it shouldn't be present anymore. Cheers, Bruno From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 21 08:54:11 2023 Received: (at 61627) by debbugs.gnu.org; 21 Mar 2023 12:54:11 +0000 Received: from localhost ([127.0.0.1]:57860 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pebVD-0005wI-9S for submit@debbugs.gnu.org; Tue, 21 Mar 2023 08:54:11 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:52826) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pebVA-0005w4-O0 for 61627@debbugs.gnu.org; Tue, 21 Mar 2023 08:54:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Type:MIME-Version:Message-ID:Date: References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=T8cZczDRKqis/klqktqKXzEzcJhYhYQYF1M2eypYLbI=; b=nLRBbtKHWhRr0itT/UEsdICanc 0aaJ30vPfi+RRBVMx6aLt5eZJ46QdAM5WgCsDDfoD9fG5BmxxRH/Wgtt8Ak32SnuFOogrhC37Eajr RrwbTM547pSTnbx0bdbqdMTq1ZSddhFFEwjCQ4jDnx3FQux1DG82dSAC8NTvUyMRaIQrUe3RV2Pgu KegNc6v6rjI9Bo93ENfW+b3B1ryXtwfa4xzble0E31JenlHFHAjDgWIgUQVATVjnoX5NSaLnuo4EU 1sjMLTSTm7wJ8kLntwJwqNGh8DyC0z9cBwpd11JultOajVBdX1KzIM+0jo1B/8eZJYfMpOnXGst0e s9eNzXyQ==; Received: from [192.168.2.1] (port=54746 helo=localhost) by systemreboot.net with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1pebV2-000guD-10; Tue, 21 Mar 2023 18:24:00 +0530 From: Arun Isaac To: Bruno Victal Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. In-Reply-To: References: <87a619u22x.fsf@gmx.com> <873571u0vx.fsf@gmx.com> Date: Tue, 21 Mar 2023 12:53:56 +0000 Message-ID: <87r0ti9sez.fsf@systemreboot.net> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 61627 Cc: Ludovic =?utf-8?Q?Court=C3=A8s?= , 61627@debbugs.gnu.org, Pierre Langlois X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Bruno, > /etc/hosts is created by hosts-service-type, so if you remove that service > it shouldn't be present anymore. That makes sense. There's one more question, though. Now that we are handling /etc/hosts using hosts-service-type, should /etc/hosts still be in %network-configuration-files? I believe this is what Pierre was asking. Thanks, Arun From debbugs-submit-bounces@debbugs.gnu.org Thu Mar 23 08:51:04 2023 Received: (at 61627) by debbugs.gnu.org; 23 Mar 2023 12:51:05 +0000 Received: from localhost ([127.0.0.1]:37486 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pfKPI-0006LG-N6 for submit@debbugs.gnu.org; Thu, 23 Mar 2023 08:51:04 -0400 Received: from smtpm5.myservices.hosting ([185.26.105.236]:56878) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pfKPG-0006Kt-I1 for 61627@debbugs.gnu.org; Thu, 23 Mar 2023 08:51:03 -0400 Received: from mail1.netim.hosting (unknown [185.26.106.173]) by smtpm5.myservices.hosting (Postfix) with ESMTP id 82D9B20CB7; Thu, 23 Mar 2023 13:50:59 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by mail1.netim.hosting (Postfix) with ESMTP id 2B31980097; Thu, 23 Mar 2023 13:50:59 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting Received: from mail1.netim.hosting ([127.0.0.1]) by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 82s3Rls3KI3q; Thu, 23 Mar 2023 13:50:58 +0100 (CET) Received: from [192.168.1.239] (unknown [10.192.1.83]) (Authenticated sender: lumen@makinata.eu) by mail1.netim.hosting (Postfix) with ESMTPSA id 8DACE8009D; Thu, 23 Mar 2023 13:50:58 +0100 (CET) Message-ID: <40ddadcf-6e5d-456f-a59f-371e60e7461d@makinata.eu> Date: Thu, 23 Mar 2023 12:50:58 +0000 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. Content-Language: en-US To: Arun Isaac References: <87a619u22x.fsf@gmx.com> <873571u0vx.fsf@gmx.com> <87r0ti9sez.fsf@systemreboot.net> From: Bruno Victal In-Reply-To: <87r0ti9sez.fsf@systemreboot.net> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -1.1 (-) X-Debbugs-Envelope-To: 61627 Cc: =?UTF-8?Q?Ludovic_Court=c3=a8s?= , 61627@debbugs.gnu.org, Pierre Langlois X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.1 (--) On 2023-03-21 12:53, Arun Isaac wrote: > > Hi Bruno, > >> /etc/hosts is created by hosts-service-type, so if you remove that service >> it shouldn't be present anymore. > > That makes sense. > > There's one more question, though. Now that we are handling /etc/hosts > using hosts-service-type, should /etc/hosts still be in > %network-configuration-files? I believe this is what Pierre was asking. I'm inclined to keep it in %network-configuration-files just to be safe. Strictly speaking, the file shouldn't be present when you remove hosts-service-type but you could, for $REASONS, have a template that has hosts-service-type removed from the essential-services and /etc/hosts manually provisioned using etc-service-type or special-service-type. Unless it's desirable to honor the /etc/hosts file configured in this manner, in which case you should remove it from %network-configuration-files to respect the users wishes, I'd say the file should be kept in %network-configuration-files to avoid some strange cases that may arise. I should say that I don't use `guix system container` so I'm not too familiar with what behavior is to be expected/“the correct one” here. Cheers, Bruno From debbugs-submit-bounces@debbugs.gnu.org Sat Mar 25 12:10:55 2023 Received: (at 61627) by debbugs.gnu.org; 25 Mar 2023 16:10:55 +0000 Received: from localhost ([127.0.0.1]:43298 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pg6Tm-0002x6-RD for submit@debbugs.gnu.org; Sat, 25 Mar 2023 12:10:55 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:37968) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pg6Tj-0002wv-M1 for 61627@debbugs.gnu.org; Sat, 25 Mar 2023 12:10:53 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Type:MIME-Version:Message-ID:Date: References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=iK5fLHRhnvx2rjv3acXum8Uo1kmT5wvRAl2EJg5JA1s=; b=LlVgR21fndGJmVyqx2VWeKVpdp E1M7Gd241N3hV2S7/csuWb8UWfacweFPZ1XXon+/4da21badyxrEkx8Ie9lQPo6HAiauYKBA2guL0 9dF4qnb0/RWkZVS4PZ/cshUENZQCpuJb8vD/xAeapHlVADgbVpPL60C9ro+2wvO7e3sJ9NRAzU8In 9JPoDRPIBRgL7/CL5DjO+Vi3CFm3F51bOFqZdFjY2m38jn6Yzmf0SIQrOz3Kgo/Ze7KjOuU0x+kZI qPJ9+/jh1rJ07bw9jIUISw7Z9FrlVaVF7wVE5iXHs8ii9URGTL8zRtSRVhhx+eMurnxHEvfEm6R6G 9HZCNELQ==; Received: from [192.168.2.1] (port=46298 helo=localhost) by systemreboot.net with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1pg6TX-000FMV-0v; Sat, 25 Mar 2023 21:40:40 +0530 From: Arun Isaac To: Bruno Victal Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. In-Reply-To: <40ddadcf-6e5d-456f-a59f-371e60e7461d@makinata.eu> References: <87a619u22x.fsf@gmx.com> <873571u0vx.fsf@gmx.com> <87r0ti9sez.fsf@systemreboot.net> <40ddadcf-6e5d-456f-a59f-371e60e7461d@makinata.eu> Date: Sat, 25 Mar 2023 16:10:31 +0000 Message-ID: <87mt403j7s.fsf@systemreboot.net> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 61627 Cc: Ludovic =?utf-8?Q?Court=C3=A8s?= , 61627@debbugs.gnu.org, Pierre Langlois X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) > I'm inclined to keep it in %network-configuration-files just to be > safe. I agree. I don't really understand the implications of removing /etc/hosts from %network-configuration-files. I would err on the side of caution and leave it there for now. @Pierre: Could you make a patch of the fix you suggested earlier (removing hosts-service-type when the --network flag is provided) and push it? Thank you! From debbugs-submit-bounces@debbugs.gnu.org Sun Mar 26 09:16:38 2023 Received: (at 61627) by debbugs.gnu.org; 26 Mar 2023 13:16:38 +0000 Received: from localhost ([127.0.0.1]:44261 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pgQEg-0000Qk-91 for submit@debbugs.gnu.org; Sun, 26 Mar 2023 09:16:38 -0400 Received: from mout.gmx.net ([212.227.17.21]:36233) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pgQEd-0000QW-Ci for 61627@debbugs.gnu.org; Sun, 26 Mar 2023 09:16:36 -0400 Received: from labiere ([82.69.64.142]) by mail.gmx.net (mrgmx105 [212.227.17.174]) with ESMTPSA (Nemesis) id 1MsHru-1qa31Z3LEg-00tmfE; Sun, 26 Mar 2023 15:16:23 +0200 References: <87a619u22x.fsf@gmx.com> <873571u0vx.fsf@gmx.com> <87r0ti9sez.fsf@systemreboot.net> <40ddadcf-6e5d-456f-a59f-371e60e7461d@makinata.eu> <87mt403j7s.fsf@systemreboot.net> User-agent: mu4e 1.8.13; emacs 28.2 From: Pierre Langlois To: Arun Isaac Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. Date: Sun, 26 Mar 2023 14:14:38 +0100 In-reply-to: <87mt403j7s.fsf@systemreboot.net> Message-ID: <87fs9rhcv3.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Provags-ID: V03:K1:i3aI3n6Cm6YNnKZfMFO/x1qkmUarxq4EG3Oth//BGEio0+po/FY AMnUY5HrrbJ/svmeWzReyuwTmpwoJ8VoxUudhsgPlHuY9fLAPBg7NlJMZRnDBmEXjEeGS2c 8JvO7BPGLj/25hU6Hif4UCnECOlGqvqBQpE23DHC+JZ5wpo+UM/s/H/9RlyFwWvAtJExuMs gRncqla57O+MaGbO6kNpw== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:AxrONTGgNAY=;7s1tyOqGGdZ1U5fxdrfomK8uWVr URN1SQXgIfEgu6p5v2STk8QVy/Gn2AWnMPJN658fhxpVm5TMVgokhd/K7BhpmjamtJ6PYPThl duua8J03zhDhcMrSrJK7qVq+N7lsfA+W0yi+FQ480luInp2qWOzf7/2AEz/r432D14ddma99F 3OZV6a/IY6J0Jj0+d6d/e7nxadY81wZO9i/HcBWXztwUnEh7uMphOxd9tcFMZl/K7+4Rx2Sc/ peVLg+xHVl8pRA/aomquUDStOwacESuqxDz6DvdLW59GkKszhzVeo4ikzgAcNya91LHlpMOzK 4c3jDhRQonYymSIR7WOp0vwI57AZ5D5GkBsBtxP9zjiQcbva2m7QAW6Lj5URxVAGfEc6pCWBq n+BeGk7C7440qtYXrPWI9QdAMFW+7m13Y4v8iTpa5y+zdPQ7qBlbvcZKqV3pV+Li5YgNvQtxZ GWfU3KLO9El7HNJjFxUvXKEJr+evGST4qmMDAFWNFCxietQlFvpsfgt0f/4SVemlysphvVsWN ka71GemXrkt+pCNdoCsf3Jms9SimJ2crJvGG6Ax+ngz4wJVntJIY4v4Or05V5gEvgrea9BZoW kFTN87lh9kE0v+btBmgcE0O25rPtsnGl9FIZHMu2CUOPeNn9h/8kV4eXSiPmQKJpzfIICjIuA iSIP+fVBJB17avvT0q8jgItbbB9D9QBIM63lxbwtPBI6MO3oXVFkm4gb72sJipZ/6QsIOf3e8 MqxNZ5TKM3cOchw5swutJWuAbRA53oAalE/jC9DbjiBwJJTVVULtMp+jvJwf2rg0EfcCYNAU7 5p88c3zngBGB50PMOax3to+C/oMzwxtaZTyCmYXMbclAMUOjgwdpADzF3cs4yQrRmG+5hyp32 GupBdJTxvFaM6PwlFNCCxtfYE/zLEWOh74AHKNapsVGobXx34wWqw5/gos/MLs3ySuem5NjK0 EliLUjoCrm+CZ+YNPiR1oYSHTYY= X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 61627 Cc: Ludovic =?utf-8?Q?Court=C3=A8s?= , Bruno Victal , 61627@debbugs.gnu.org, Pierre Langlois X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" --==-=-= Content-Type: text/plain Hi Arun and Bruno, Arun Isaac writes: >> I'm inclined to keep it in %network-configuration-files just to be >> safe. > > I agree. I don't really understand the implications of removing > /etc/hosts from %network-configuration-files. I would err on the side of > caution and leave it there for now. That sounds very sensible. > > @Pierre: Could you make a patch of the fix you suggested earlier > (removing hosts-service-type when the --network flag is provided) and > push it? Thank you! Sounds good! Just testing the following patch and will push it in a minute. --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmQgRaAYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31UrvAIAJJCduXIVsNgq38GcYUPzyZH AM91Yr6N7CHkWPQvVn0vGI4lfUxuXPeQb2QjP41iUwZGD2eaRJlmxw7FbUX76Npr 33h4ToIza31wBjLtYBeSBrBXEkQaX0i4XD0LuWU4mcNigiBlfzML7wOgpRuu6qte 6qxcjkO3TpgpkDYgimSdt68s8thSeMecPNXr+4TqzyikM6zSTkzzO0goReBQ3x9v fagzSVKzsoByAKnioG5sOiT/tj5yDjSJFdsZD2RmqPfBPUZWU0qZK8TICpOr8zvw ZvdJIdC7CwObz3eWYLlW6oHmN6pjQZh2ywbrmFiUF6OMmpOEPkZMbWY1Di9GblE= =otHo -----END PGP SIGNATURE----- --==-=-=-- --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: inline; filename=0001-linux-container-Remove-hosts-service-type-when-netwo.patch Content-Transfer-Encoding: quoted-printable >From 42fbe62d52a82d1003c3d7039d3c4a46806c5cee Mon Sep 17 00:00:00 2001 Message-Id: <42fbe62d52a82d1003c3d7039d3c4a46806c5cee.1679836531.git.pierre= .langlois@gmx.com> From: Pierre Langlois Date: Sun, 26 Mar 2023 13:55:14 +0100 Subject: [PATCH] linux-container: Remove hosts-service-type when network is shared. Fixes . * gnu/system/linux-container.scm (container-essential-services): When shared-network? is true, remove the hosts-service-type service kind. --- gnu/system/linux-container.scm | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index c2fd55d48e..409386a84f 100644 --- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -5,6 +5,7 @@ ;;; Copyright =C2=A9 2020 Efraim Flashner ;;; Copyright =C2=A9 2020 Google LLC ;;; Copyright =C2=A9 2022 Ricardo Wurmus +;;; Copyright =C2=A9 2023 Pierre Langlois ;;; ;;; This file is part of GNU Guix. ;;; @@ -49,9 +50,12 @@ (define* (container-essential-services os #:key shared-n= etwork?) (define base (remove (lambda (service) (memq (service-kind service) - (list (service-kind %linux-bare-metal-service) - firmware-service-type - system-service-type))) + (cons* (service-kind %linux-bare-metal-service) + firmware-service-type + system-service-type + (if shared-network? + (list hosts-service-type) + '())))) (operating-system-default-essential-services os))) =20 (cons (service system-service-type --=20 2.39.2 --=-=-= Content-Type: text/plain Thanks, Pierre --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sun Mar 26 09:43:38 2023 Received: (at 61627-done) by debbugs.gnu.org; 26 Mar 2023 13:43:38 +0000 Received: from localhost ([127.0.0.1]:44281 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pgQeo-00015W-2g for submit@debbugs.gnu.org; Sun, 26 Mar 2023 09:43:38 -0400 Received: from mout.gmx.net ([212.227.17.21]:58863) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pgQem-00015G-4K for 61627-done@debbugs.gnu.org; Sun, 26 Mar 2023 09:43:36 -0400 Received: from labiere ([82.69.64.142]) by mail.gmx.net (mrgmx104 [212.227.17.174]) with ESMTPSA (Nemesis) id 1N3KPq-1qP4mC2TAI-010K2k; Sun, 26 Mar 2023 15:43:18 +0200 References: <87a619u22x.fsf@gmx.com> <873571u0vx.fsf@gmx.com> <87r0ti9sez.fsf@systemreboot.net> <40ddadcf-6e5d-456f-a59f-371e60e7461d@makinata.eu> <87mt403j7s.fsf@systemreboot.net> <87fs9rhcv3.fsf@gmx.com> User-agent: mu4e 1.8.13; emacs 28.2 From: Pierre Langlois To: 61627-done@debbugs.gnu.org Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. Date: Sun, 26 Mar 2023 14:41:53 +0100 In-reply-to: <87fs9rhcv3.fsf@gmx.com> Message-ID: <87v8infx1s.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Provags-ID: V03:K1:sstX/CcrfmegviXAeUMETlqGi3HJH+Cyu94lHnhkSN25SKcSnNc DDPWjLGQZOzUN/vX5DzfHudN+XNrBMWS1J3Fd7BbtdkYO8NT73nxL359GhLAJptoXZL5IfZ pUbYUMhnWv1AQ9YuAWLezbH8O5kkU93gryCKTl8T6TN1sQr+dxgpaPmsnOoL7GNjcCk8cdu AfL1i2JySxKWGJzuGLMyQ== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:/ZKs93g3uXw=;dATH/G2v/erQK8JNxRXjMAiSLCD F2dGMaPrLFm2Ve/ilwfdpBWOxOvuvGWxGX6oJJxrVsloAPnnMTvPCSkBxpZvEvRPrwn3V81OG rm51G54zcbh6STSJYSme4/MogBvLyW+p0RzrZ7Z1iu/w87tIPTyDbHE/BAmkd0WWP0bFRM2ry lVOf/V8NvzmbGYqTdU6QAZrXBhZkaAOVuiuAxnFNeTt5MRMx6G8WuYKK+FiMDmih2LdPvCHaC agHVLDkusKERBGwYObZ3st2u6PE+COnk6nDdGIo4AB7PhwxZqUecaYQjrinEupMDMFA1zGNGy pqgJUOeHiiwflwVGX98ym+IkLtSEsOOmGRY0x1H0XDnQMZXkoGm5fo6H99Xw8KVJmSIJhWyHc v7YP+nDfc1N4Y5jmQn2PI1Uma12221BJrNC6mSd8TdrxKtY1N3g7WKd8zvWn+VWtPy/TXWYSB ySdmKFpdSAD9jaFu1WA/zZo4anuSHxxgqf03jcSH3Atug+mYKCxa/xIjIXxuaJB+BlxW/fTrG W8Ck2OPQ5YwgQnY+j4OpqBJjlVYXJVXkU0IMlKb5Y3s3cYPr3CwgQEONQuU7qG6L0iVJ11PwD u6GAVvAQfzRfNZQAbg9AtoDXZs4C2JS8d1X63kB4vd2FVmSGWkB9MJHLsuVhWjdy18GBzhuSY nBjgJTD1mS45F+l73ll/z1YZXYkES044f9lDzXtPg7+dtrJFJh+4rNU+7FenRd+cGNCaLLr+v PPNoNYH73P7v45d6hDoTqZZEdhahGZwRN8BuBIzXIifzLDUVHiQ8xcu9WkKNA7+wjp6VHtMiv Gy75o+NThq0TsSqwhUSXDNxvWom8+9B1DYi4H+0PGsEGGi/pJIHz96Z6awyR1P7eYOED5ZbVB 79F+49PA+38hs52mQVOde/yFAgM5eHI+2ft3ACRMlIKL/JNj+5FO5OFKgDIlQIW8oPxJMZ5TK ZrZ/u5HuZ8/kLUXW+UzpQ0IcaKs= X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 61627-done Cc: Arun Isaac , Bruno Victal , Ludovic =?utf-8?Q?Court=C3=A8s?= , Pierre Langlois X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain Pierre Langlois writes: > [[PGP Signed Part:Undecided]] > Hi Arun and Bruno, > > Arun Isaac writes: > >>> I'm inclined to keep it in %network-configuration-files just to be >>> safe. >> >> I agree. I don't really understand the implications of removing >> /etc/hosts from %network-configuration-files. I would err on the side of >> caution and leave it there for now. > > That sounds very sensible. > >> >> @Pierre: Could you make a patch of the fix you suggested earlier >> (removing hosts-service-type when the --network flag is provided) and >> push it? Thank you! > > Sounds good! Just testing the following patch and will push it in a > minute. > > [[End of PGP Signed Part]] > From 42fbe62d52a82d1003c3d7039d3c4a46806c5cee Mon Sep 17 00:00:00 2001 > Message-Id: <42fbe62d52a82d1003c3d7039d3c4a46806c5cee.1679836531.git.pierre.langlois@gmx.com> > From: Pierre Langlois > Date: Sun, 26 Mar 2023 13:55:14 +0100 > Subject: [PATCH] linux-container: Remove hosts-service-type when network is > shared. > > Fixes . > > * gnu/system/linux-container.scm (container-essential-services): When > shared-network? is true, remove the hosts-service-type service kind. Pushed as 42fbe62d52a82d1003c3d7039d3c4a46806c5cee Thanks, Pierre --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmQgS+8YHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31UD40H/0YLB4yGLx7ZT0gLAZmFvJ/h /SLM/ea7LBZDW8dz9GmUpgHdOSHYLiDSFrqQxkplE08mNvYSBl1KW4f7/MzsQSTy lA/t9tOhH4bt479etGMsOBH0sLD1o8cuh/hCfzD1bde9ob9pFlPkcHz6GQDeQFSr 0l0PLaVKLDQouHPWSpz870q6mXIYCLVxBP76x/LduP753qlTtCi2jBqEWKGTcmRk FwkITQEq7u8WrEQCLj7St6S8DlmG21D7R1uYaeVHu+N9cxNCAPLsme84F+t/58Wi 7/kBNxbHTLsOB4otblmEFlhhg6SNLH+k9sYnflCjvmCKCVczb8dirmJbq+7UKxU= =+oQx -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sun Mar 26 18:20:17 2023 Received: (at 61627-done) by debbugs.gnu.org; 26 Mar 2023 22:20:17 +0000 Received: from localhost ([127.0.0.1]:46071 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pgYin-0000lI-43 for submit@debbugs.gnu.org; Sun, 26 Mar 2023 18:20:17 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:37742) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pgYik-0000l7-3i for 61627-done@debbugs.gnu.org; Sun, 26 Mar 2023 18:20:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Type:MIME-Version:Message-ID:Date: References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=N0+cC7PeHwa1OohmuJEVz3MO6H6FY5MyEp5PI7djnZo=; b=qmfcjGdx4GnnTT7+hs0aKxjeRe oyX4Fm8DP+6JaYTMgsPG2PwQqc+vAr1AWrFKCEwuoTgOMRGwerWiIwIVx2SfHJFySUTGLGVkc3LUp KGliFx1KFam2JmvAoss0DbvK6heEg1z1PcP//86jUtRYxkGRGNmmHOnmBFfHfvoNi47DTA3sC8azj OZ7Re/ufX3+B8+sefQcKcS2tnGsPznEkob6L2mdgUBZ0WzJ0x0402lzgQEQSsxEP5ByYlfqxVNLYW ECfGRkMtpSyYtWJzRH9uuT8qdvvA/VEOqUjeIHdIegKW0JCJWrYWYZSwo34F+I1udGMb91flZEFtF LvXHj7LQ==; Received: from [192.168.2.1] (port=35684 helo=localhost) by systemreboot.net with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1pgYic-000JgD-1m; Mon, 27 Mar 2023 03:50:07 +0530 From: Arun Isaac To: Pierre Langlois , 61627-done@debbugs.gnu.org Subject: Re: bug#61627: Cannot start a container built with `guix system container --network'. In-Reply-To: <87v8infx1s.fsf@gmx.com> References: <87a619u22x.fsf@gmx.com> <873571u0vx.fsf@gmx.com> <87r0ti9sez.fsf@systemreboot.net> <40ddadcf-6e5d-456f-a59f-371e60e7461d@makinata.eu> <87mt403j7s.fsf@systemreboot.net> <87fs9rhcv3.fsf@gmx.com> <87v8infx1s.fsf@gmx.com> Date: Sun, 26 Mar 2023 23:20:03 +0100 Message-ID: <878rfj2m0c.fsf@systemreboot.net> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 61627-done Cc: Ludovic =?utf-8?Q?Court=C3=A8s?= , Bruno Victal X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) > Pushed as 42fbe62d52a82d1003c3d7039d3c4a46806c5cee Thank you, Pierre! :-) From unknown Fri Aug 15 04:02:52 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Mon, 24 Apr 2023 11:24:06 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator