diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-01-15 17:51:43 +0100 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-01-15 17:51:43 +0100 |
commit | 3ca275d7ba92900fa793d4c9bf017e38394fcfec (patch) | |
tree | c0b1526cc64a3249ae75cbfd890763e8ffcba8e0 /nixos | |
parent | d5f63e9626da19df6fb12d6ef7b4b6329b2ff0a3 (diff) | |
download | nixlib-3ca275d7ba92900fa793d4c9bf017e38394fcfec.tar nixlib-3ca275d7ba92900fa793d4c9bf017e38394fcfec.tar.gz nixlib-3ca275d7ba92900fa793d4c9bf017e38394fcfec.tar.bz2 nixlib-3ca275d7ba92900fa793d4c9bf017e38394fcfec.tar.lz nixlib-3ca275d7ba92900fa793d4c9bf017e38394fcfec.tar.xz nixlib-3ca275d7ba92900fa793d4c9bf017e38394fcfec.tar.zst nixlib-3ca275d7ba92900fa793d4c9bf017e38394fcfec.zip |
NixOS containers: Create /root with 700 permission
Systemd-nspawn creates /root with 755 permission if it doesn't exist, which is bad. So we have to create it ourselves before calling systemd-nspawn.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/virtualisation/containers.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index 3b7f3e248d5a..075ec0ea2277 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -194,7 +194,7 @@ in script = '' mkdir -p -m 0755 "$root/etc" "$root/var/lib" - mkdir -p -m 0700 "$root/var/lib/private" + mkdir -p -m 0700 "$root/var/lib/private" "$root/root" if ! [ -e "$root/etc/os-release" ]; then touch "$root/etc/os-release" fi |