GNU bug report logs - #70494
[PATCH 00/23] Groundwork for the Guile guix-daemon


Package: guix-patches;

Reported by: Christopher Baines <mail <at> cbaines.net>

Date: Sun, 21 Apr 2024 09:37:01 UTC

Severity: normal

Tags: patch



Message #80 received at 70494 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Christopher Baines <mail <at> cbaines.net>
Cc: 70494 <at> debbugs.gnu.org
Subject: Re: [bug#70494] [PATCH 02/23] gnu: linux-container: Make it more
 suitable for derivation-building.
Date: Tue, 07 May 2024 16:28:46 +0200

Christopher Baines <mail <at> cbaines.net> wrote:

> From: Caleb Ristvedt <caleb.ristvedt <at> cune.org>
>
> * gnu/build/linux-container.scm (mount-file-systems): First remount all
> filesystems in the current mount namespace as private (by mounting / with
> MS_PRIVATE and MS_REC), so that the set of mounts cannot increase except from
> within the container.  Also, the tmpfs mounted over the chroot directory now
> inherits the chroot directory's permissions (p11-kit, for example, has a test
> that assumes that the root directory is not writable for the current user, and
> tmpfs is by default 1777 when created).
> * guix/build/syscalls.scm (MS_PRIVATE, MS_REC): new variables.

LGTM (though the log seems to describe more than the changes?).
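
The two steps named in the quoted commit log, sketched in C as an added example (this is not code from the Guix patch, which is written in Guile Scheme). The function names `tmpfs_mode_option` and `prepare_container_root` are hypothetical, and the sketch assumes the caller already runs in its own mount namespace with CAP_SYS_ADMIN.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <unistd.h>

/* Build the tmpfs "mode=" option from the permission bits of DIR, so the
   tmpfs mounted over it keeps the directory's mode instead of the tmpfs
   default of 1777.  Returns 0 on success, -1 on error. */
int tmpfs_mode_option(const char *dir, char *buf, size_t len)
{
    struct stat st;
    if (stat(dir, &st) != 0 || !S_ISDIR(st.st_mode))
        return -1;
    int n = snprintf(buf, len, "mode=%04o", (unsigned)(st.st_mode & 07777));
    return (n > 0 && (size_t)n < len) ? 0 : -1;
}

/* Assumption: called inside the container's own mount namespace.
   Step 1: mark every existing mount private, recursively, so mount events
   no longer propagate into or out of this namespace.
   Step 2: cover ROOT with a tmpfs that inherits ROOT's permissions.
   Returns 0 on success, -1 with errno set. */
int prepare_container_root(const char *root)
{
    char opts[32];
    /* Read the mode before anything is mounted over ROOT. */
    if (tmpfs_mode_option(root, opts, sizeof opts) != 0)
        return -1;
    if (mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0)
        return -1;
    return mount("none", root, "tmpfs", 0, opts);
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s CHROOT-DIR\n", argv[0]);
        return 2;
    }
    if (prepare_container_root(argv[1]) != 0) {
        perror("prepare_container_root");
        return 1;
    }
    return 0;
}
```

To check the propagation change on a test machine, compare the optional fields in `/proc/self/mountinfo` before and after: entries tagged `shared:N` lose that tag once they are private.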




This bug report was last modified 1 year and 28 days ago.


