David Thompson <dthomps...@worcester.edu> skribis: > From: David Thompson <da...@gnu.org> > > * guix/build/syscalls.scm (setns): New procedure. > * tests/syscalls.scm: Test it.
[...] > + (lambda (fdes nstype) > + "Reassociate the current process with the namespace specified by FDES. “... by FDES, a file descriptor obtained by opening a /proc/PID/ns/* files.” > +(test-assert "setns" > + (match (clone (logior CLONE_NEWUSER)) > + (0 (primitive-exit 0)) > + (clone-pid > + (match (pipe) > + ((in . out) > + (match (primitive-fork) > + (0 > + (close in) > + (call-with-input-file (user-namespace clone-pid) > + (lambda (port) > + (setns (port->fdes port) 0))) > + (write 'done out) > + (close out) > + (primitive-exit 0)) > + (fork-pid > + (close out) > + ;; Wait for the child process to join the namespace. > + (read in) > + (equal? (readlink (user-namespace clone-pid)) > + (readlink (user-namespace fork-pid)))))))))) Add a waipid call for both CLONE-PID and FORK-PID to make sure nothing’s left behind. OK with these changes! Ludo’.
