diff options
author | Ludovic Courtès <ludo@gnu.org> | 2019-10-03 22:19:11 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2019-10-03 23:48:59 +0200 |
commit | 5a02f8e3842c19d28f39e5b47d804ef70e1b3160 (patch) | |
tree | 9cc45125f032b6691fccb232f580a2ffe0a91294 /guix | |
parent | 9a68b89e8ab47b6e3297dc82bde576f4c70a6a2a (diff) |
environment: '--container' honors '--preserve'.
* guix/scripts/environment.scm (launch-environment/container): Add
#:white-list parameter and honor it.
(guix-environment): Pass #:white-list to 'launch-environment/container'.
* tests/guix-environment-container.sh: Add test.
Diffstat (limited to 'guix')
-rw-r--r-- | guix/scripts/environment.scm | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm index 535f181bfd..4a51654ce6 100644 --- a/guix/scripts/environment.scm +++ b/guix/scripts/environment.scm @@ -452,7 +452,7 @@ regexps in WHITE-LIST." (define* (launch-environment/container #:key command bash user user-mappings profile manifest link-profile? network? - map-cwd?) + map-cwd? (white-list '())) "Run COMMAND within a container that features the software in PROFILE. Environment variables are set according to the search paths of MANIFEST. The global shell is BASH, a file name for a GNU Bash binary in the @@ -461,7 +461,10 @@ USER-MAPPINGS, a list of file system mappings, contains the user-specified host file systems to mount inside the container. If USER is not #f, each target of USER-MAPPINGS will be re-written relative to '/home/USER', and USER will be used for the passwd entry. LINK-PROFILE? creates a symbolic link from -~/.guix-profile to the environment profile." +~/.guix-profile to the environment profile. + +Preserve environment variables whose name matches the one of the regexps in +WHILE-LIST." (define (optional-mapping->fs mapping) (and (file-exists? (file-system-mapping-source mapping)) (file-system-mapping->bind-mount mapping))) @@ -487,6 +490,11 @@ will be used for the passwd entry. LINK-PROFILE? creates a symbolic link from (group-entry (gid 65534) ;the overflow GID (name "overflow")))) (home-dir (password-entry-directory passwd)) + (environ (filter (match-lambda + ((variable . value) + (find (cut regexp-exec <> variable) + white-list))) + (get-environment-variables))) ;; Bind-mount all requisite store items, user-specified mappings, ;; /bin/sh, the current working directory, and possibly networking ;; configuration files within the container. @@ -555,6 +563,12 @@ will be used for the passwd entry. LINK-PROFILE? creates a symbolic link from (override-user-dir user home cwd) home-dir)) + ;; Set environment variables that match WHITE-LIST. + (for-each (match-lambda + ((variable . value) + (setenv variable value))) + environ) + (primitive-exit/status ;; A container's environment is already purified, so no need to ;; request it be purified again. @@ -759,6 +773,7 @@ message if any test fails." #:user-mappings mappings #:profile profile #:manifest manifest + #:white-list white-list #:link-profile? link-prof? #:network? network? #:map-cwd? (not no-cwd?)))) |