author | aszlig <aszlig@redmoonstudios.org> | 2016-09-07 18:00:06 +0200 |
---|---|---|
committer | aszlig <aszlig@redmoonstudios.org> | 2016-09-07 18:10:08 +0200 |
commit | dd98b6fb9f35544201ed66733af40ff822ba8c36 (patch) | |
tree | 53ca9a676e5d51c86539e0637c171476dd820cd2 /nixos | |
parent | 67959521490d7308084a9d8e9300125f16a5697a (diff) | |
nixos/stage2: Fix mounting special filesystems

This partially reverts commit ab9537ca22ce3fd4efc1795c58105504022d0c48.

From the manpage of systemd-nspawn(1):

    Note that systemd-nspawn will mount file systems private to the
    container to /dev, /run and similar.

Testing this in a shell turns out:

    $ sudo systemd-nspawn --bind-ro=/nix/store "$(readlink "$(which ls)")" /proc
    Spawning container aszlig on /home/aszlig.
    Press ^] three times within 1s to kill container.
    /etc/localtime does not point into /usr/share/zoneinfo/, not updating container timezone.
    1          execdomains  kpageflags    stat
    acpi       fb           loadavg       swaps
    asound     filesystems  locks         sys
    buddyinfo  fs           meminfo       sysrq-trigger
    bus        interrupts   misc          sysvipc
    cgroups    iomem        modules       thread-self
    cmdline    ioports      mounts        timer_list
    config.gz  irq          mtrr          timer_stats
    consoles   kallsyms     net           tty
    cpuinfo    kcore        pagetypeinfo  uptime
    crypto     key-users    partitions    version
    devices    keys         scsi          vmallocinfo
    diskstats  kmsg         self          vmstat
    dma        kpagecgroup  slabinfo      zoneinfo
    driver     kpagecount   softirqs
    Container aszlig exited successfully.

So the test on whether PID 1 exists in /proc is enough, because if we use PID namespaces there actually _is_ a PID 1 (as shown above) and the special file systems are already mounted. A test on the $containers variable actually mounts them twice.

This unbreaks NixOS containers and I've tested this against the containers-imperative NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @rickynils, @shlevy, @edolstra
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/system/boot/stage-2-init.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/system/boot/stage-2-init.sh b/nixos/modules/system/boot/stage-2-init.sh index 590c2b9a1410..ae88222f2780 100644 --- a/nixos/modules/system/boot/stage-2-init.sh +++ b/nixos/modules/system/boot/stage-2-init.sh @@ -36,7 +36,7 @@ fi # Likewise, stage 1 mounts /proc, /dev and /sys, so if we don't have a # stage 1, we need to do that here. -if [ ! -e /proc/1 ] || [ -n "$container" ]; then +if [ ! -e /proc/1 ]; then specialMount() { local device="$1" local mountPoint="$2" |
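
Review bot: the comment above the changed condition still says only that the mounts are needed when there is no stage 1, so nothing at that spot tells a reader why the `[ -n "$container" ]` test was dropped. Suggest extending the comment to say that a container started by systemd-nspawn already has its special file systems mounted and a PID 1 visible in /proc, so `[ ! -e /proc/1 ]` covers that case and re-adding a test on `$container` would mount them a second time. It would also help to state there that the single check on /proc/1 is being used as the signal for /dev and /sys as well, since the block is skipped as a whole whenever /proc is already populated.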