* /var/lib/nova/networks should be readable by the `nobody' user,
because dnsmasq runs as nobody and reads its host list from there. svn path=/nixos/trunk/; revision=26740
This commit is contained in:
parent
3836e8eb02
commit
05ff7baf48
@ -59,7 +59,10 @@ in
|
||||
|
||||
system.activationScripts.nova =
|
||||
''
|
||||
mkdir -m 700 -p /var/lib/nova
|
||||
mkdir -m 755 -p /var/lib/nova
|
||||
mkdir -m 755 -p /var/lib/nova/networks
|
||||
mkdir -m 700 -p /var/lib/nova/instances
|
||||
mkdir -m 700 -p /var/lib/nova/keys
|
||||
|
||||
# Allow the CA certificate generation script (called by
|
||||
# nova-api) to work.
|
||||
@ -80,7 +83,9 @@ in
|
||||
|
||||
startOn = "ip-up";
|
||||
|
||||
path = [ pkgs.openssl ];
|
||||
# `openssl' is required to generate the CA. `openssh' is
|
||||
# required to generate key pairs.
|
||||
path = [ pkgs.openssl pkgs.openssh ];
|
||||
|
||||
exec = "${nova}/bin/nova-api";
|
||||
};
|
||||
@ -95,6 +100,11 @@ in
|
||||
|
||||
startOn = "ip-up";
|
||||
|
||||
preStart =
|
||||
''
|
||||
mkdir -m 700 -p /var/lib/nova/images
|
||||
'';
|
||||
|
||||
exec = "${nova}/bin/nova-objectstore --nodaemon";
|
||||
};
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user