diff options
| author | Jörg Thalheim <Mic92@users.noreply.github.com> | 2018-01-01 15:42:03 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-01-01 15:42:03 +0100 |
| commit | 0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536 (patch) | |
| tree | 6c30547b0585ff9240e4546c3ca379940b4ecaa2 /nixos/modules | |
| parent | 4d917639fb3c2959f058e533d5ebb2001e5b05fa (diff) | |
| parent | ea78f0f06ca9a63c1e89e5b82e638977a7942c6b (diff) | |
| download | nixlib-0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536.tar nixlib-0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536.tar.gz nixlib-0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536.tar.bz2 nixlib-0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536.tar.lz nixlib-0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536.tar.xz nixlib-0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536.tar.zst nixlib-0bbf671b5ac49f9fc6f5d1c202e4d0fe818e3536.zip | |
Merge pull request #31157 from sorki/lxcfs_pam_related
[wip] lxcfs,pam: disable cgmanager, enable pam_cgfs, lxcfs 2.0.7 -> 2.0.8
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/security/pam.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/virtualisation/lxcfs.nix | 4 |
2 files changed, 2 insertions, 4 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index bf7f62c5da9d..8d658a20a1fe 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -351,6 +351,8 @@ let ${optionalString (cfg.enableKwallet) ("session optional ${pkgs.plasma5.kwallet-pam}/lib/security/pam_kwallet5.so" + " kwalletd=${pkgs.libsForQt5.kwallet.bin}/bin/kwalletd5")} + ${optionalString (config.virtualisation.lxc.lxcfs.enable) + "session optional ${pkgs.lxcfs}/lib/security/pam_cgfs.so -c freezer,memory,name=systemd,unified,cpuset"} ''); }; diff --git a/nixos/modules/virtualisation/lxcfs.nix b/nixos/modules/virtualisation/lxcfs.nix index 48462dc66da8..b2457403463a 100644 --- a/nixos/modules/virtualisation/lxcfs.nix +++ b/nixos/modules/virtualisation/lxcfs.nix @@ -28,13 +28,9 @@ in { ###### implementation config = mkIf cfg.enable { - services.cgmanager.enable = true; - systemd.services.lxcfs = { description = "FUSE filesystem for LXC"; wantedBy = [ "multi-user.target" ]; - requires = [ "cgmanager.service" ]; - after = [ "cgmanager.service" ]; before = [ "lxc.service" ]; restartIfChanged = false; serviceConfig = { |