Hi Danny,

Danny Milosavljevic <dan...@scratchpost.org> writes:

> On Fri, 06 Nov 2020 13:47:02 +0100
> zimoun <zimon.touto...@gmail.com> wrote:
>
>> On Fri, 06 Nov 2020 at 10:59, Ludovic Courtès <l...@gnu.org> wrote:
>>
>> > guix pack guix -f docker -S /bin=bin \
>> >   --entry-point="bin/guix-daemon --disable-chroot"
>
> Why --disable-chroot here? (I'm not objecting to it)

Because otherwise the container needs to be started with ‘--privileged’ if I’m not mistaken. But maybe that’s OK?

> Note: guix-daemon needs a usergroup in order to actually usefully build
> things, with at least one member user.

So to me that means we need to augment ‘guix pack -f docker’ so it can add the right Docker metadata regarding user accounts.

> If Docker actually has first-class composition operators (I don't know), then
> that should not go into the same image--but that means the end user has to
> provide a /etc/group and /etc/passwd with at least the "guixbuild" group and
> at least one member in that group as a composable image[maybe 1] in order
> for guix-daemon to actually work.
>
> Also, guix needs /etc/services for http and https and so on to resolve.

Right, it’s just about adding ‘net-base’ to the image.

Thanks,
Ludo’.