void-runit

pass VIRTUALIZATION var to runsvdir for scripts

Open sbromberger opened this issue 2 years ago • 8 comments

This fixes the issues identified in https://github.com/void-linux/void-runit/pull/101 where the VIRTUALIZATION environment variable exported in /etc/runit/1 is not available to runsv scripts. Allowing this will permit runsv services to do different things based on whether they're running in a container or not. (See https://github.com/void-linux/void-packages/pull/41273 for an example of when this would be needed - this PR needs some modifications but it will be able to use this variable to determine which setup commands to run.)

Supersedes and obviates https://github.com/void-linux/void-runit/pull/101

sbromberger avatar Dec 24 '22 21:12 sbromberger

cc @CameronNemo

sbromberger avatar Dec 24 '22 21:12 sbromberger

I don't like exporting that variable; this is not a standard, and we shouldn't have to invent things and then depend on them just for one service run script. The run script could just be changed to not exit if modprobe fails or use some other command to check if the module is loaded first and otherwise try modprobe and exit.

Duncaen avatar Dec 24 '22 23:12 Duncaen

> The run script could just be changed to not exit if modprobe fails or use some other command to check if the module is loaded first and otherwise try modprobe and exit.

That's what I had originally (https://github.com/void-linux/void-packages/pull/41272) but it turns out that you also need a different cgroups mount if you're in a container. You can put it in /etc/rc.local but that can't be part of the install process and needs to be documented somewhere.

Having a way for runsv to determine whether or not you're in a container is really useful.

sbromberger avatar Dec 25 '22 02:12 sbromberger

@sbromberger cgroups mounting is handled in this repo, in the pseudofs "core service".

CameronNemo avatar Dec 25 '22 03:12 CameronNemo

@Duncaen - Is it your recommendation that we re-implement the functionality of detect_virt within the runsv scripts that require it by grepping through /proc/1/environ? This seems a bit wasteful when the work has already been done in 1, but I can certainly modify the run script to do this.

sbromberger avatar Dec 25 '22 03:12 sbromberger
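
The alternative asked about in the comment above (a run script reading /proc/1/environ itself), as an added example that is not part of the thread or of void-runit's code. The function names and the choice of the `container` variable (set for PID 1 by some container managers) are assumptions; the thread does not say what detect_virt checks.

```shell
#!/bin/sh
# Added example: look up one variable in a NUL-separated environ file such as
# /proc/1/environ without sourcing or eval'ing its content.

# get_environ_var NAME [FILE]
# Prints the value of NAME and returns 0. Returns 1 if NAME is absent or FILE
# is unreadable (/proc/1/environ is normally readable by root only).
get_environ_var() {
    name=$1
    file=${2:-/proc/1/environ}
    [ -r "$file" ] || return 1
    # Entries are NAME=value separated by NUL bytes. Match the name exactly at
    # the start of an entry, so "containerized=..." or "NOT_container=..." do
    # not count. Values containing newlines are not handled.
    tr '\0' '\n' < "$file" | awk -v n="$name" '
        index($0, n "=") == 1 { print substr($0, length(n) + 2); found = 1; exit }
        END { exit !found }'
}

# in_container [FILE]
# True when PID 1 was started with a non-empty "container" variable
# (assumed convention). The value is set by whoever launched the container,
# so treat it as a hint for choosing setup steps, not as a security boundary.
in_container() {
    virt=$(get_environ_var container "$@") || return 1
    [ -n "$virt" ]
}

# write_sample_environ FILE
# Constructed sample data, not a capture of a real /proc/1/environ.
write_sample_environ() {
    printf 'PATH=/usr/bin\0NOT_container=x\0containerized=yes\0container=lxc\0TERM=linux\0' > "$1"
}

# Demo on the constructed sample.
sample=$(mktemp) && write_sample_environ "$sample"
if in_container "$sample"; then
    echo "container manager: $(get_environ_var container "$sample")"
fi
rm -f "$sample"
```
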

@CameronNemo this is a special cgroups mount for docker: https://github.com/void-linux/void-packages/blob/7ac4f42d9795a6bd0e8c523fd70cb6ab9fe902fc/srcpkgs/moby/files/docker/run#L6 is the way it's currently done, but this doesn't work in containers: you need mount -t cgroup2 cgroup2 /sys/fs/cgroup/ instead.

sbromberger avatar Dec 25 '22 03:12 sbromberger

#103 before I lose my train of thought

CameronNemo avatar Dec 25 '22 04:12 CameronNemo

relevant past discussion: https://github.com/void-linux/void-docs/pull/151#issuecomment-671138650

CameronNemo avatar Dec 25 '22 04:12 CameronNemo