From 757c7f377326205f3e04afe5d053c371600457f7 Mon Sep 17 00:00:00 2001 From: Thomas Tuegel Date: Wed, 27 Nov 2019 15:44:32 -0600 Subject: [PATCH] docker-container: Remove /etc symlink The system output usually contains a symlink from /etc to the static configuration for the benefit of the stage-1 script in the initrd. The stage-2 script is usually started in the real root without such a symlink. In a container, there is no stage-1 and the system output is used directly as a real root. If the symlink is present, setup-etc.pl will create a symlink cycle and the system cannot boot. There is no reason for the /etc link to exist in a container because setup-etc.pl will create the necessary files. The container module will now remove the /etc symlink and create an empty directory. The empty /etc is for container managers to populate it with site-specific settings; for example, to set the hostname. This is required to boot NixOS in an LXC container on another host. See also: #9735
---
 nixos/modules/profiles/docker-container.nix | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/nixos/modules/profiles/docker-container.nix b/nixos/modules/profiles/docker-container.nix
index 5d6b11498b5..183645de36f 100644
--- a/nixos/modules/profiles/docker-container.nix
+++ b/nixos/modules/profiles/docker-container.nix
@@ -2,6 +2,8 @@ with lib;
+let inherit (pkgs) writeScript; in
+ let pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
@@ -30,7 +32,12 @@ in { ]; # Some container managers like lxc need these
- extraCommands = "mkdir -p proc sys dev";
+ extraCommands =
+ let script = writeScript "extra-commands.sh" ''
+ rm etc
+ mkdir -p proc sys dev etc
+ '';
+ in script;
 }; boot.isContainer = true;
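Review bot: The `rm etc` in the new `extra-commands.sh` is unguarded and the script sets no error mode, so a failed removal does not stop the following `mkdir -p proc sys dev etc`. If `etc` is still a symlink at that point, `mkdir -p` will most likely succeed against it and the image keeps the link that the commit message says causes the symlink cycle, with no build failure to flag it. I would start the script with `set -eu` and make the removal explicit about what it expects, `if [ -L etc ]; then rm etc; fi`, so that a missing link is tolerated and any other failure aborts the build. The script text also has no interpreter line, so it depends on how the consumer of `extraCommands` invokes it, which is not visible in this hunk. The enclosing attribute set starts and ends outside the hunk.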