Am Mittwoch, den 04.11.2020, 18:05 +0800 schrieb Zhu Zihao: > Leo Prikler writes: > > > launch-environment/container still assumes the command to be a > > shell > > script, which I think is not quite what you want. You probably > > want to > > take a look at call-with-container from (guix build linux- > > container) or > > child-hurds. > > I just read the source code of call-with-container. IMO, it just run > code in container, without any settings. It's quite inconvenient for > my > usage. For example: I have to setup mount binding of my package > closure manually. Indeed, but in my opinion it also has much of what you'd want for an entry script, does it not? You start with zero settings, then configure the environment in whichever fashion you need, then call some other function. I think like this could be a stepping stone for some higher level abstraction, that you would have to write on your own once, but could then reuse more or less indefinitely. Particularly, you would have to copy the parts of Guix that create the environment and then just figure out how to securely spawn a function inside it, that can't escape the container environment, instead of running shell code.
> > I currently don't know of any procedure, that "directly" invokes > > Scheme > > code through Guix environments, so you'd have to build that on your > > own. However, given that your stated goal is to port container > > entry > > scripts [I read this as "the script called by the container at > > entry"] > > to Guile, would it not make sense to have > > > > (guix-environment [ENVIRONMENT OPTIONS] "--" "guile" "entry.scm") > > > > WDYT? > > > > Regards, Leo > > Hmmm, maybe this is the solution, tho it's not very very elegant. For the record, what you do want is something à la (call-in-container-environment THUNK MANIFEST . KWARGS) where manifest is the Guix environment manifest, THUNK is a procedure to call with 0 arguments and KWARGS is a list of options for things you might want to set up, e.g. just the GUIX_ENVIRONMENT variable or more than that. Is that about right? Regards, Leo