libvirtd-service: give access to users in the "libvirtd" group
Currently only root has access. But with this patch all users in "libvirtd" group will have access. This is similar to how it's done on Ubuntu. Also, add virtualisation.libvirtd.extraConfig option for further customization of libvirtd.conf.
This commit is contained in:
parent
2dca8421f9
commit
f7d11af98a
@ -7,6 +7,13 @@ with pkgs.lib;
|
||||
let
|
||||
|
||||
cfg = config.virtualisation.libvirtd;
|
||||
configFile = pkgs.writeText "libvirtd.conf" ''
|
||||
unix_sock_group = "libvirtd"
|
||||
unix_sock_rw_perms = "0770"
|
||||
auth_unix_ro = "none"
|
||||
auth_unix_rw = "none"
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
|
||||
in
|
||||
|
||||
@ -36,6 +43,16 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.extraConfig =
|
||||
mkOption {
|
||||
default = "";
|
||||
description =
|
||||
''
|
||||
Extra contents appended to the libvirtd configuration file,
|
||||
libvirtd.conf.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
@ -83,7 +100,7 @@ in
|
||||
done
|
||||
''; # */
|
||||
|
||||
serviceConfig.ExecStart = "@${pkgs.libvirt}/sbin/libvirtd libvirtd --daemon --verbose";
|
||||
serviceConfig.ExecStart = ''@${pkgs.libvirt}/sbin/libvirtd libvirtd --config "${configFile}" --daemon --verbose'';
|
||||
serviceConfig.Type = "forking";
|
||||
serviceConfig.KillMode = "process"; # when stopping, leave the VMs alone
|
||||
|
||||
@ -124,6 +141,8 @@ in
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
};
|
||||
|
||||
users.extraGroups.libvirtd = {};
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user