nixos/stage2: Fix mounting special filesystems

This partially reverts commit ab9537ca22ce3fd4efc1795c58105504022d0c48.

From the manpage of systemd-nspawn(1):

  Note that systemd-nspawn will mount file systems private to the
  container to /dev, /run and similar.

Testing this in a shell turns out:

$ sudo systemd-nspawn --bind-ro=/nix/store "$(readlink "$(which ls)")" /proc
Spawning container aszlig on /home/aszlig.
Press ^] three times within 1s to kill container.
/etc/localtime does not point into /usr/share/zoneinfo/, not updating
container timezone.
1          execdomains  kpageflags    stat
acpi       fb           loadavg       swaps
asound     filesystems  locks         sys
buddyinfo  fs           meminfo       sysrq-trigger
bus        interrupts   misc          sysvipc
cgroups    iomem        modules       thread-self
cmdline    ioports      mounts        timer_list
config.gz  irq          mtrr          timer_stats
consoles   kallsyms     net           tty
cpuinfo    kcore        pagetypeinfo  uptime
crypto     key-users    partitions    version
devices    keys         scsi          vmallocinfo
diskstats  kmsg         self          vmstat
dma        kpagecgroup  slabinfo      zoneinfo
driver     kpagecount   softirqs
Container aszlig exited successfully.

So the test on whether PID 1 exists in /proc is enough, because if we
use PID namespaces there actually _is_ a PID 1 (as shown above) and the
special file systems are already mounted. A test on the $containers
variable actually mounts them twice.

This unbreaks NixOS containers and I've tested this against the
containers-imperative NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @rickynils, @shlevy, @edolstra

0 files changed, 0 insertions, 0 deletions