(name . bug-guix)(address . bug-guix@gnu.org)
Hello Guix!
I noticed, while trying to expose the SSL environment variable inside a
container and doing things such as:
guix environment --container --network -E SSL --expose=$SSL_CERT_FILE \
--expose=$SSL_CERT_DIR --ad-hoc [...]
that it wasn't possible to expose things onto the implicitly mounted
current working directory. No error message would be shown, yet the
--expose arguments wouldn't go through unless using --no-cwd.
Here's a minimal example:
$ guix environment -C --expose=/tmp=$PWD/tmp \
--ad-hoc bash coreutils -- bash -c 'stat $PWD/tmp'
stat: cannot statx '/var/lib/jenkins/tmp': No such file or directory
but,
$ guix environment --no-cwd -C --expose=/tmp=$PWD/tmp \
--ad-hoc bash coreutils -- bash -c 'stat $PWD/tmp'
File: /var/lib/jenkins/tmp
Size: 73728 Blocks: 152 IO Block: 4096 directory
Device: fd00h/64768d Inode: 1966081 Links: 397
Access: (1777/drwxrwxrwt) Uid: (65534/ UNKNOWN) Gid: (65534/overflow)
Access: 2021-02-25 20:40:08.534757708 +0000
Modify: 2021-02-25 21:10:49.205636074 +0000
Change: 2021-02-25 21:10:49.205636074 +0000
Birth: 2016-12-07 20:43:16.029221570 +0000
succeeds.
I can't think of a technical reason why layering bind mounts wouldn't
work; in fact it already appears to work for multiple --expose options
touching the same hierarchy of files.
If there's a technical reason this cannot/shouldn't happen, we should
warn the user about it.
Thanks,
Maxim