GNU bug report logs - #77638
[PATCH 0/8] Harden 'call-with-container'


Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Tue, 8 Apr 2025 12:23:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.



Message #35 received at 77638 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: Josselin Poiret <dev <at> jpoiret.xyz>,
 Simon Tournier <zimon.toutoune <at> gmail.com>, Mathieu Othacehe <othacehe <at> gnu.org>,
 Tobias Geerinckx-Rice <me <at> tobias.gr>, 77638 <at> debbugs.gnu.org,
 Christopher Baines <guix <at> cbaines.net>
Subject: Re: [bug#77638] [PATCH 5/8] environment: Add ‘--writable-root’ and default to read-only root.
Date: Mon, 05 May 2025 14:44:27 +0200

Pushed, thanks for taking a look!

I added a news entry as well:

  8745239dd2 * news: Add entry for ‘guix shell --writable-root’.
  a57ed987ff * linux-container: Lock mounts by default.
  e1a0171a56 * linux-container: Set up “lo” and generate /etc/hosts by default.
  3aa132e8c3 * syscalls: Add ‘get-user-ns’.
  ce363c1dc7 * environment: Add ‘--writable-root’ and default to read-only root.
  7d28e6512c * guix home: ‘container’ provides a read-only root file system.
  a391394a22 * linux-container: Support having a read-only root file system.
  acc4215644 * guix home: ‘container’ explicitly mounts $HOME and /run/user/1000.
  d4c3b31b86 * linux-container: Add #:mounts to ‘eval/container’.

Ludo’.




This bug report was last modified 65 days ago.
