authorEelco Dolstra <eelco.dolstra@logicblox.com>2014-04-19 13:02:13 +0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2014-04-19 13:14:51 +0200
commitb03a2f9e9022f3e56bcf935eaa8d385bd1e5b374 (patch)
tree81b7e1e250d4c4e631aae32b13743018c76b4eaf
parent9f1c9404da858eb6347493190e40e59c7f81f2c8 (diff)
Set personality when running a 32-bit container on a 64-bit host
-rw-r--r--nixos/modules/system/activation/top-level.nix1
-rw-r--r--nixos/modules/virtualisation/containers.nix13
2 files changed, 11 insertions, 3 deletions
diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix
index a4a0d14df6ab..7cdaecce198e 100644
--- a/nixos/modules/system/activation/top-level.nix
+++ b/nixos/modules/system/activation/top-level.nix
@@ -68,6 +68,7 @@ let
       echo -n "$configurationName" > $out/configuration-name
       echo -n "systemd ${toString config.systemd.package.interfaceVersion}" > $out/init-interface-version
       echo -n "$nixosVersion" > $out/nixos-version
+      echo -n "$system" > $out/system
 
       mkdir $out/fine-tune
       childCount=0
diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix
index 4ce113f10ee8..4fca872d72eb 100644
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@@ -176,7 +176,6 @@ in
               "/nix/var/nix/profiles/per-container/$INSTANCE" \
               "/nix/var/nix/gcroots/per-container/$INSTANCE"
 
-            SYSTEM_PATH=/nix/var/nix/profiles/system
             if [ -f "/etc/containers/$INSTANCE.conf" ]; then
               . "/etc/containers/$INSTANCE.conf"
             fi
@@ -212,14 +211,22 @@ in
               extraFlags="--capability=CAP_NET_ADMIN"
             fi
 
+            # If the host is 64-bit and the container is 32-bit, add a
+            # --personality flag.
+            ${optionalString (config.nixpkgs.system == "x86_64-linux") ''
+              if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then
+                extraFlags+=" --personality=x86"
+              fi
+            ''}
+
             exec $runInNetNs ${config.systemd.package}/bin/systemd-nspawn \
-              -M "$INSTANCE" -D "/var/lib/containers/$INSTANCE" $extraFlags \
+              -M "$INSTANCE" -D "$root" $extraFlags \
               --bind-ro=/nix/store \
               --bind-ro=/nix/var/nix/db \
               --bind-ro=/nix/var/nix/daemon-socket \
               --bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \
               --bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \
-              "$SYSTEM_PATH/init"
+              "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init"
           '';
 
         postStart =
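Review bot: The added personality check reads `''${SYSTEM_PATH:-…}/system` inside `$(< …)` unquoted and without testing that the file exists, so a container whose system profile lacks a `system` file (presumably any profile built before the top-level.nix change in this commit) will print a redirection error on every start. The default path sits under `/nix/var/nix/profiles/per-container/$INSTANCE`, which the `--bind=` line further down mounts writable into the container, so this host-side script reads a file the container can replace; the value is only compared with a fixed string, but restricting the read to a regular file keeps that bounded. I would write `sysFile="''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system"` followed by `if [ -f "$sysFile" ] && [ "$(< "$sysFile")" = i686-linux ]; then`. A comment noting that SYSTEM_PATH is used here as a host path but as an in-container path for `init`, which is why the two defaults differ, would save the next reader some time. The script begins and `$root` is assigned outside this hunk, so neither could be checked here.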