forked from mirrors/nixpkgs
nixpkgs/nixos/modules/system/boot
aszlig dd98b6fb9f
nixos/stage2: Fix mounting special filesystems
This partially reverts commit ab9537ca22.

From the manpage of systemd-nspawn(1):

  Note that systemd-nspawn will mount file systems private to the
  container to /dev, /run and similar.

Testing this in a shell turns out:

$ sudo systemd-nspawn --bind-ro=/nix/store "$(readlink "$(which ls)")" /proc
Spawning container aszlig on /home/aszlig.
Press ^] three times within 1s to kill container.
/etc/localtime does not point into /usr/share/zoneinfo/, not updating
container timezone.
1          execdomains  kpageflags    stat
acpi       fb           loadavg       swaps
asound     filesystems  locks         sys
buddyinfo  fs           meminfo       sysrq-trigger
bus        interrupts   misc          sysvipc
cgroups    iomem        modules       thread-self
cmdline    ioports      mounts        timer_list
config.gz  irq          mtrr          timer_stats
consoles   kallsyms     net           tty
cpuinfo    kcore        pagetypeinfo  uptime
crypto     key-users    partitions    version
devices    keys         scsi          vmallocinfo
diskstats  kmsg         self          vmstat
dma        kpagecgroup  slabinfo      zoneinfo
driver     kpagecount   softirqs
Container aszlig exited successfully.

So the test on whether PID 1 exists in /proc is enough, because if we
use PID namespaces there actually _is_ a PID 1 (as shown above) and the
special file systems are already mounted. A test on the $containers
variable actually mounts them twice.

This unbreaks NixOS containers and I've tested this against the
containers-imperative NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @rickynils, @shlevy, @edolstra
2016-09-07 18:10:08 +02:00
..
loader Fixes #14831 by using full path for binaries used in install-grub.pl 2016-09-01 10:36:38 +02:00
coredump.nix systemd-coredump: Add systemd service and fix sysctl pattern. 2016-07-10 18:07:37 +10:00
emergency-mode.nix
initrd-network.nix initrd-network: call postCommands only if network is up 2016-02-03 16:35:21 +03:00
initrd-ssh.nix initrd-ssh service: ensure that keys got copied into initrd 2016-08-23 16:20:26 +03:00
kernel.nix nixos treewide: don't set MODULE_DIR 2016-08-19 17:56:54 +03:00
kexec.nix
luksroot.nix nixos/luksroot: Reference correct output of openssl 2016-08-04 23:12:39 +03:00
modprobe.nix nixos treewide: don't set MODULE_DIR 2016-08-19 17:56:54 +03:00
networkd.nix networkd.module: remove before network-online 2016-09-05 15:03:35 +02:00
pbkdf2-sha512.c
plymouth.nix plymouth service: stop splash screen before a failure prompt 2016-07-18 13:45:37 +03:00
readonly-mountpoint.c
resolved.nix modules.resolved: Enhance by upstream options (#15897) 2016-06-26 22:58:04 +02:00
shutdown.nix
stage-1-init.sh nixos filesystems: unify early filesystems handling 2016-08-27 13:38:20 +03:00
stage-1.nix nixos filesystems: unify early filesystems handling 2016-08-27 13:38:20 +03:00
stage-2-init.sh nixos/stage2: Fix mounting special filesystems 2016-09-07 18:10:08 +02:00
stage-2.nix nixos filesystems: unify early filesystems handling 2016-08-27 13:38:20 +03:00
systemd-lib.nix systemd: make ctrl-alt-del target configurable. (#16911) 2016-07-19 09:42:53 +02:00
systemd-unit-options.nix systemd-unit-options: startAt can be a list 2016-09-01 00:39:36 +02:00
systemd.nix systemd: add some missing upstream units 2016-09-05 15:03:46 +02:00
timesyncd.nix
tmp.nix