summaryrefslogtreecommitdiff
path: root/guix
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2019-10-03 22:19:11 +0200
committerLudovic Courtès <ludo@gnu.org>2019-10-03 23:48:59 +0200
commit5a02f8e3842c19d28f39e5b47d804ef70e1b3160 (patch)
tree9cc45125f032b6691fccb232f580a2ffe0a91294 /guix
parent9a68b89e8ab47b6e3297dc82bde576f4c70a6a2a (diff)
environment: '--container' honors '--preserve'.
* guix/scripts/environment.scm (launch-environment/container): Add #:white-list parameter and honor it. (guix-environment): Pass #:white-list to 'launch-environment/container'. * tests/guix-environment-container.sh: Add test.
Diffstat (limited to 'guix')
-rw-r--r--guix/scripts/environment.scm19
1 files changed, 17 insertions, 2 deletions
diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm
index 535f181bfd..4a51654ce6 100644
--- a/guix/scripts/environment.scm
+++ b/guix/scripts/environment.scm
@@ -452,7 +452,7 @@ regexps in WHITE-LIST."
(define* (launch-environment/container #:key command bash user user-mappings
profile manifest link-profile? network?
- map-cwd?)
+ map-cwd? (white-list '()))
"Run COMMAND within a container that features the software in PROFILE.
Environment variables are set according to the search paths of MANIFEST.
The global shell is BASH, a file name for a GNU Bash binary in the
@@ -461,7 +461,10 @@ USER-MAPPINGS, a list of file system mappings, contains the user-specified
host file systems to mount inside the container. If USER is not #f, each
target of USER-MAPPINGS will be re-written relative to '/home/USER', and USER
will be used for the passwd entry. LINK-PROFILE? creates a symbolic link from
-~/.guix-profile to the environment profile."
+~/.guix-profile to the environment profile.
+
+Preserve environment variables whose name matches the one of the regexps in
+WHILE-LIST."
(define (optional-mapping->fs mapping)
(and (file-exists? (file-system-mapping-source mapping))
(file-system-mapping->bind-mount mapping)))
@@ -487,6 +490,11 @@ will be used for the passwd entry. LINK-PROFILE? creates a symbolic link from
(group-entry (gid 65534) ;the overflow GID
(name "overflow"))))
(home-dir (password-entry-directory passwd))
+ (environ (filter (match-lambda
+ ((variable . value)
+ (find (cut regexp-exec <> variable)
+ white-list)))
+ (get-environment-variables)))
;; Bind-mount all requisite store items, user-specified mappings,
;; /bin/sh, the current working directory, and possibly networking
;; configuration files within the container.
@@ -555,6 +563,12 @@ will be used for the passwd entry. LINK-PROFILE? creates a symbolic link from
(override-user-dir user home cwd)
home-dir))
+ ;; Set environment variables that match WHITE-LIST.
+ (for-each (match-lambda
+ ((variable . value)
+ (setenv variable value)))
+ environ)
+
(primitive-exit/status
;; A container's environment is already purified, so no need to
;; request it be purified again.
@@ -759,6 +773,7 @@ message if any test fails."
#:user-mappings mappings
#:profile profile
#:manifest manifest
+ #:white-list white-list
#:link-profile? link-prof?
#:network? network?
#:map-cwd? (not no-cwd?))))