Browse Source

file-systems: mount the PID cgroup filesystem.

* gnu/system/file-systems.scm (%control-groups): Add "pids".
* gnu/services/docker.scm (docker-shepherd-service): Resolve a TODO.

This has allowed me to make a specific configuration of nsjail work.
gn-latest-20200428
Jakub Kądziołka 1 year ago
parent
commit
2ef4d273d1
No known key found for this signature in database GPG Key ID: E315A75846131564
  1. 3
      gnu/services/docker.scm
  2. 3
      gnu/system/file-systems.scm

3
gnu/services/docker.scm

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2018 Danny Milosavljevic <dannym@scratchpost.org>
;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
;;;
;;; This file is part of GNU Guix.
;;;
@ -94,7 +95,7 @@ loop-back communications.")
file-system-/sys/fs/cgroup/cpuset
file-system-/sys/fs/cgroup/devices
file-system-/sys/fs/cgroup/memory
; TODO: file-system-/sys/fs/cgroup/pids
file-system-/sys/fs/cgroup/pids
networking
udev))
(start #~(make-forkexec-constructor

3
gnu/system/file-systems.scm

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
;;;
;;; This file is part of GNU Guix.
;;;
@ -389,7 +390,7 @@ TARGET in the other system."
;; parent directory.
(dependencies (list parent))))
'("cpuset" "cpu" "cpuacct" "memory" "devices" "freezer"
"blkio" "perf_event")))))
"blkio" "perf_event" "pids")))))
(define %elogind-file-systems
;; We don't use systemd, but these file systems are needed for elogind,

Loading…
Cancel
Save