public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/podman: Change podman socket to new podman group

Browse Source 
(cherry picked from commit fb8b0a38433c8e83a53c1dc0a739c5a7ad64e2fc)
This commit is contained in:
Robert Hensing 2021-05-25 10:22:29 +02:00
parent f63aff597b
commit db05ed8b0d
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
nixos/modules/virtualisation/podman.nix
View File

@ -111,8 +111,19 @@ in
}; };
systemd.sockets.podman.wantedBy = [ "sockets.target" ]; systemd.sockets.podman.wantedBy = [ "sockets.target" ];
systemd.sockets.podman.socketConfig.SocketGroup = "podman";
systemd.tmpfiles.packages = [ cfg.package ]; systemd.tmpfiles.packages = [
# The /run/podman rule interferes with our podman group, so we remove
# it and let the systemd socket logic take care of it.
(pkgs.runCommand "podman-tmpfiles-nixos" { package = cfg.package; } ''
mkdir -p $out/lib/tmpfiles.d/
grep -v 'D! /run/podman 0700 root root' \
<$package/lib/tmpfiles.d/podman.conf \
>$out/lib/tmpfiles.d/podman.conf
'') ];
users.groups.podman = {};
assertions = [ assertions = [
{ {