From da4bbf85330f9a2fcc1299e1014d4ba2417473a5 Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Thu, 3 Dec 2020 12:04:51 +0100
Subject: [PATCH] isolate: only load some files from /etc

---
 garlic/stages/isolate/stage1 | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/garlic/stages/isolate/stage1 b/garlic/stages/isolate/stage1
index eb6eec6..3920da8 100644
--- a/garlic/stages/isolate/stage1
+++ b/garlic/stages/isolate/stage1
@@ -27,7 +27,7 @@ env=(
 mounts=(
 	#-m @nixPrefix@
 	#FIXME: Use only the strictly neccesary from /etc
-	-m /etc
+	-m /original-etc:/etc
 	# The /etc/hosts file is a symlink to this etc/
 	-m /.statelite/tmpfs/etc
 	-m /sys
@@ -44,7 +44,14 @@ mounts=(
   @extraMountOptions@
 )
 
-join_flags="${mounts[@]}"
+symlinks=(
+  -s /etc/hosts:/original-etc/hosts
+  -s /etc/passwd:/original-etc/passwd
+  -s /etc/resolv.conf:/original-etc/resolv.conf
+  -s /etc/host.conf:/original-etc/host.conf
+  -s /etc/slurm/slurm.conf:/original-etc/slurm/slurm.conf
+  -s /etc/services:/original-etc/services
+)
 
-exec $nixjoin -i $join_flags $nixhome -- \
+exec $nixjoin -i "${mounts[@]}" "${symlinks[@]}" $nixhome -- \
 	env -i "${env[@]}" @out@/bin/stage2 "$@"