Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revert "nixos-container: use systemd-run instead of nsenter" #83392

Merged

Conversation

@Ma27
Copy link
Member

@Ma27 Ma27 commented Mar 26, 2020

Motivation for this change

⚠️ Please note that I'll only revert this on release-20.03 for now to get rid of the regression within the container-backend of nixops. After merging this, an issue should be opened to track further changes (to use the original commit without further regressions on 20.09).


This reverts commit 7cb100b.

This appears to break at least the container-backend of nixops: when
running switch-to-configuration within nixos-container run, the
running systemd-instance gets reloaded which appears to kill the
systemd-run command and causes nixos-container run to hang.

The full issue is reported in the original PR[1].

[1] #67332 (comment)

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
This reverts commit 7cb100b.

This appears to break at least the `container`-backend of `nixops`: when
running `switch-to-configuration` within `nixos-container run`, the
running `systemd`-instance gets reloaded which appears to kill the
`systemd-run` command and causes `nixos-container run` to hang.

The full issue is reported in the original PR[1].

[1] #67332 (comment)
@Ma27
Copy link
Member Author

@Ma27 Ma27 commented Mar 26, 2020

Please note that I didn't test it sufficiently as I need to build a fresh kernel on latest release-20.03 to run the tests 😅

Tests are passing locally as well 🎉

@GrahamcOfBorg test containers-imperative

Copy link
Contributor

@uvNikita uvNikita left a comment

This should be safe to revert since we don't have support for unprivileged containers yet anyway. Thanks for looking into it!

@arianvp
Copy link
Member

@arianvp arianvp commented Mar 26, 2020

lgtm

@worldofpeace worldofpeace merged commit a3a02d6 into NixOS:release-20.03 Mar 26, 2020
15 checks passed
15 checks passed
Evaluation Performance Report Evaluator Performance Report
Details
grahamcofborg-eval ^.^!
Details
grahamcofborg-eval-check-maintainers matching changed paths to changed attrs...
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-darwin nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A darwin-tested
Details
grahamcofborg-eval-nixos nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release-combined.nix -A tested
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A manual
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A options
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A manual
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A tarball
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A unstable
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details
tests.containers-imperative on aarch64-linux Success
Details
tests.containers-imperative on x86_64-linux Success
Details
@worldofpeace
Copy link
Member

@worldofpeace worldofpeace commented Mar 26, 2020

@Ma27 Is there a PR for master with this as well? If we don't do that it's less likely it will be fixed. (I did read your header)

@Ma27 Ma27 deleted the Ma27:nixos-container-nsenter-20.03 branch Mar 26, 2020
@Ma27
Copy link
Member Author

@Ma27 Ma27 commented Mar 26, 2020

Is there a PR for master with this as well? If we don't do that it's less likely it will be fixed. (I did read your header)

I would've opened a tracking issue to fix it properly. Or do you prefer a revert for master as well?

@worldofpeace
Copy link
Member

@worldofpeace worldofpeace commented Mar 26, 2020

Is there a PR for master with this as well? If we don't do that it's less likely it will be fixed. (I did read your header)

I would've opened a tracking issue to fix it properly. Or do you prefer a revert for master as well?

I'd actually say both since we should be using systemd-run eventually.

@Ma27
Copy link
Member Author

@Ma27 Ma27 commented Mar 26, 2020

I forward-ported it to master: ebb6e38
Also opened #83432

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants
You can’t perform that action at this time.