From 21ab4e054c1570dd5000a18cb114e665729b378a Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Wed, 27 Aug 2014 21:12:18 +0200
Subject: [PATCH] =?UTF-8?q?nixos-container=20run:=20Execute=20command=20us?=
 =?UTF-8?q?ing=20=E2=80=98su=E2=80=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This ensures that the environment is set up correctly.
---
 nixos/modules/virtualisation/nixos-container.pl | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/nixos/modules/virtualisation/nixos-container.pl b/nixos/modules/virtualisation/nixos-container.pl
index b829eeb05790..7403a42f0f14 100644
--- a/nixos/modules/virtualisation/nixos-container.pl
+++ b/nixos/modules/virtualisation/nixos-container.pl
@@ -197,8 +197,7 @@ sub getLeader {
 sub runInContainer {
     my @args = @_;
     my $leader = getLeader;
-    # FIXME: initialise the environment properly.
-    exec($nsenter, "-t", $leader, "-m", "-u", "-i", "-n", "-p", "--", "env", "-i", "--", @args);
+    exec($nsenter, "-t", $leader, "-m", "-u", "-i", "-n", "-p", "--", @args);
     die "cannot run ‘nsenter’: $!\n";
 }
 
@@ -251,12 +250,14 @@ elsif ($action eq "login") {
 }
 
 elsif ($action eq "root-login") {
-    runInContainer("bash", "--login");
+    runInContainer("su", "root", "-l");
 }
 
 elsif ($action eq "run") {
     shift @ARGV; shift @ARGV;
-    runInContainer(@ARGV);
+    # Escape command.
+    my $s = join(' ', map { s/'/'\\''/g; "'$_'" } @ARGV);
+    runInContainer("su", "root", "-l", "-c", "exec " . $s);
 }
 
 elsif ($action eq "show-ip") {