libvirtd-service: give access to users in the "libvirtd" group

Currently only root has access. But with this patch all users in "libvirtd" group will have access. This is similar to how it's done on Ubuntu. Also, add virtualisation.libvirtd.extraConfig option for further customization of libvirtd.conf.
2013-08-15 21:50:16 +02:00
parent 2dca8421f9
commit f7d11af98a
1 changed files with 20 additions and 1 deletions
--- a/modules/virtualisation/libvirtd.nix
+++ b/modules/virtualisation/libvirtd.nix
@@ -7,6 +7,13 @@ with pkgs.lib;
 let

  cfg = config.virtualisation.libvirtd;
+  configFile = pkgs.writeText "libvirtd.conf" ''
+    unix_sock_group = "libvirtd"
+    unix_sock_rw_perms = "0770"
+    auth_unix_ro = "none"
+    auth_unix_rw = "none"
+    ${cfg.extraConfig}
+  '';

 in

@@ -36,6 +43,16 @@ in
          '';
      };

+    virtualisation.libvirtd.extraConfig =
+      mkOption {
+        default = "";
+        description =
+          ''
+            Extra contents appended to the libvirtd configuration file,
+            libvirtd.conf.
+          '';
+      };
+
  };


@@ -83,7 +100,7 @@ in
            done
          ''; # */

-        serviceConfig.ExecStart = "@${pkgs.libvirt}/sbin/libvirtd libvirtd --daemon --verbose";
+        serviceConfig.ExecStart = ''@${pkgs.libvirt}/sbin/libvirtd libvirtd --config "${configFile}" --daemon --verbose'';
        serviceConfig.Type = "forking";
        serviceConfig.KillMode = "process"; # when stopping, leave the VMs alone

@@ -124,6 +141,8 @@ in
        serviceConfig.RemainAfterExit = true;
      };

+    users.extraGroups.libvirtd = {};
+
  };

 }