hst/config: remove container etc field

This no longer needs special treatment since it can be specified as a generic filesystem entry. Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-08-25 19:13:31 +09:00
parent 6d202d73b4
commit 0dcac55a0c
13 changed files with 60 additions and 59 deletions
--- a/internal/app/app_nixos_linux_test.go
+++ b/internal/app/app_nixos_linux_test.go
@@ -27,7 +27,7 @@ var testCasesNixos = []sealTestCase{
 			Shell:       m("/run/current-system/sw/bin/zsh"),

 			Container: &hst.ContainerConfig{
-				Userns: true, HostNet: true, MapRealUID: true, Env: nil, AutoEtc: true,
+				Userns: true, HostNet: true, MapRealUID: true, Env: nil,
 				Filesystem: []hst.FilesystemConfigJSON{
 					f(&hst.FSBind{Source: m("/bin")}),
 					f(&hst.FSBind{Source: m("/usr/bin/")}),
@@ -40,6 +40,7 @@ var testCasesNixos = []sealTestCase{
 					f(&hst.FSBind{Source: m("/sys/devices"), Optional: true}),
 					f(&hst.FSBind{Source: m("/run/opengl-driver")}),
 					f(&hst.FSBind{Source: m("/dev/dri"), Device: true, Optional: true}),
+					f(&hst.FSBind{Source: m("/etc/"), Target: m("/etc/"), Special: true}),
 				},
 			},
 			SystemBus: &dbus.Config{
--- a/internal/app/app_pd_linux_test.go
+++ b/internal/app/app_pd_linux_test.go
@@ -49,9 +49,9 @@ var testCasesPd = []sealTestCase{
 				DevWritable(m("/dev/"), true).
 				Bind(m("/dev/kvm"), m("/dev/kvm"), container.BindWritable|container.BindDevice|container.BindOptional).
 				Readonly(m("/var/run/nscd"), 0755).
+				Etc(m("/etc/"), "4a450b6596d7bc15bd01780eb9a607ac").
 				Tmpfs(m("/run/user/1971"), 8192, 0755).
 				Tmpfs(m("/run/dbus"), 8192, 0755).
-				Etc(m("/etc/"), "4a450b6596d7bc15bd01780eb9a607ac").
 				Remount(m("/dev/"), syscall.MS_RDONLY).
 				Tmpfs(m("/run/user/"), 4096, 0755).
 				Bind(m("/tmp/hakurei.1971/runtime/0"), m("/run/user/65534"), container.BindWritable).
@@ -186,9 +186,9 @@ var testCasesPd = []sealTestCase{
 				Bind(m("/dev/dri"), m("/dev/dri"), container.BindWritable|container.BindDevice|container.BindOptional).
 				Bind(m("/dev/kvm"), m("/dev/kvm"), container.BindWritable|container.BindDevice|container.BindOptional).
 				Readonly(m("/var/run/nscd"), 0755).
+				Etc(m("/etc/"), "ebf083d1b175911782d413369b64ce7c").
 				Tmpfs(m("/run/user/1971"), 8192, 0755).
 				Tmpfs(m("/run/dbus"), 8192, 0755).
-				Etc(m("/etc/"), "ebf083d1b175911782d413369b64ce7c").
 				Remount(m("/dev/"), syscall.MS_RDONLY).
 				Tmpfs(m("/run/user/"), 4096, 0755).
 				Bind(m("/tmp/hakurei.1971/runtime/9"), m("/run/user/65534"), container.BindWritable).
--- a/internal/app/container_linux.go
+++ b/internal/app/container_linux.go
@@ -244,18 +244,6 @@ func newContainer(s *hst.ContainerConfig, os sys.State, prefix string, uid, gid
 		params.Link(l.Target, linkname, dereference)
 	}

-	if !s.AutoEtc {
-		if s.Etc != nil {
-			params.Bind(s.Etc, container.AbsFHSEtc, 0)
-		}
-	} else {
-		if s.Etc == nil {
-			params.Etc(container.AbsFHSEtc, prefix)
-		} else {
-			params.Etc(s.Etc, prefix)
-		}
-	}
-
 	// no more ContainerConfig paths beyond this point
 	if !s.Device {
 		params.Remount(container.AbsFHSDev, syscall.MS_RDONLY)
--- a/internal/app/seal_linux.go
+++ b/internal/app/seal_linux.go
@@ -242,7 +242,6 @@ func (seal *outcome) finalise(ctx context.Context, sys sys.State, config *hst.Co
 			HostNet:      true,
 			HostAbstract: true,
 			Tty:          true,
-			AutoEtc:      true,

 			Filesystem: []hst.FilesystemConfigJSON{
 				{&hst.FSBind{
@@ -267,6 +266,15 @@ func (seal *outcome) finalise(ctx context.Context, sys sys.State, config *hst.Co
 			conf.Filesystem = append(conf.Filesystem, hst.FilesystemConfigJSON{FilesystemConfig: &hst.FSEphemeral{Target: nscd}})
 		}

+		// do autoetc last
+		conf.Filesystem = append(conf.Filesystem,
+			hst.FilesystemConfigJSON{FilesystemConfig: &hst.FSBind{
+				Target:  container.AbsFHSEtc,
+				Source:  container.AbsFHSEtc,
+				Special: true,
+			}},
+		)
+
 		config.Container = conf
 	}