nixos-container: use systemd-run instead of nsenter

This is the first step for unprivileged nixos containers support. Fixes #30019. See also #18825, #57083, and #67130.
author: Nikita Uvarov <uv.nikita@gmail.com> 2019-08-23 12:12:17 +0200
committer: Nikita Uvarov <uv.nikita@gmail.com> 2019-08-23 12:21:22 +0200
commit: 7cb100b6833e020d4a4b25c3766cfde507e763e6 (patch)
tree: ea3b1fdff2b581481825db549d943f4dd5df3b4b /pkgs/tools/virtualization
parent: f096e5a46d89d3b4834732fd017fb27d85cc64b6 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/pkgs/tools/virtualization/nixos-container/nixos-container.pl b/pkgs/tools/virtualization/nixos-container/nixos-container.pl
index b5ceb522e230..2a9625501b65 100755
--- a/pkgs/tools/virtualization/nixos-container/nixos-container.pl
+++ b/pkgs/tools/virtualization/nixos-container/nixos-container.pl
@@ -9,7 +9,6 @@ use Getopt::Long qw(:config gnu_getopt);
 use Cwd 'abs_path';
 use Time::HiRes;
 
-my $nsenter = "@utillinux@/bin/nsenter";
 my $su = "@su@";
 
 # Ensure a consistent umask.
@@ -270,9 +269,10 @@ sub restartContainer {
 # Run a command in the container.
 sub runInContainer {
     my @args = @_;
-    my $leader = getLeader;
-    exec($nsenter, "-t", $leader, "-m", "-u", "-i", "-n", "-p", "--", @args);
-    die "cannot run ‘nsenter’: $!\n";
+
+    exec("systemd-run", "--machine", $containerName, "--pty", "--quiet", "--", @args);
+
+    die "cannot run ‘systemd-run’: $!\n";
 }
 
 # Remove a directory while recursively unmounting all mounted filesystems within
author	Nikita Uvarov <uv.nikita@gmail.com>	2019-08-23 12:12:17 +0200
committer	Nikita Uvarov <uv.nikita@gmail.com>	2019-08-23 12:21:22 +0200
commit	7cb100b6833e020d4a4b25c3766cfde507e763e6 (patch)
tree	ea3b1fdff2b581481825db549d943f4dd5df3b4b /pkgs/tools/virtualization
parent	f096e5a46d89d3b4834732fd017fb27d85cc64b6 (diff)