From dd5cb6b03fe77ce7c4e46467048336c62d31b7a3 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 8 Apr 2019 13:32:32 -0400 Subject: change from inChroot to granular container capabilities info * Removed inChroot, instead use hasContainerCapability FilesystemContained. (API change) * Hostname: Properties that used to not do anything in a systemd or docker container will now change the container's hostname, since it's namespaced. More container capabilities can easily be added later, to fine grain control what properties will run in different kinds of containers. This changed CmdLine's Read instance, which should be ok, because propellor inside the container is always updated at the same time as propellor outside, so when it chains into the chroot, it will know to expect the capability list. Docker was not setting InChroot before, but now sets both container capabilities, so chroot setting will also work in it. Note that, things that used to check inChroot before would not work in docker, but things that check FilesystemContained now will. It may be that some of those properties don't really work properly in docker. And, Grub.installed used to run grub-mkconfig in a docker container before, I doubt that made sense (was it even safe?); it doesn't do it now. This commit was sponsored by Trenton Cronholm on Patreon. --- src/Propellor/CmdLine.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/Propellor/CmdLine.hs') diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs index bd01b34c..31e45da1 100644 --- a/src/Propellor/CmdLine.hs +++ b/src/Propellor/CmdLine.hs @@ -129,7 +129,7 @@ defaultMain hostlist = withConcurrentOutput $ do go _ ListFields = listPrivDataFields hostlist go _ (AddKey keyid) = addKey keyid go _ (RmKey keyid) = rmKey keyid - go _ c@(ChrootChain _ _ _ _) = Chroot.chain hostlist c + go _ c@(ChrootChain _ _ _ _ _) = Chroot.chain hostlist c go _ (DockerChain hn cid) = Docker.chain hostlist hn cid go _ (DockerInit hn) = Docker.init hn go _ (GitPush fin fout) = gitPushHelper fin fout -- cgit v1.2.3