From 980505dc3b313aa92db69536d664875ac12ecb6a Mon Sep 17 00:00:00 2001
From: xeji <xeji@cat3.de>
Date: Sun, 18 Mar 2018 00:22:53 +0100
Subject: nixos/libvirtd: add option to run qemu as non-root

New option virtualisation.libvirtd.qemuRunAsRoot (default: true).
If false, qemu is run as non-privileged user qemu-libvirtd,
reducing security risk
---
 nixos/modules/misc/ids.nix | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'nixos/modules/misc/ids.nix')

diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 40445c3b960a..bffd8aff78b9 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -325,6 +325,7 @@
       hydron = 298;
       cfssl = 299;
       cassandra = 300;
+      qemu-libvirtd = 301;
 
       # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
 
@@ -610,6 +611,7 @@
       hydron = 298;
       cfssl = 299;
       cassandra = 300;
+      qemu-libvirtd = 301;
 
       # When adding a gid, make sure it doesn't match an existing
       # uid. Users and groups with the same name should have equal
-- 
cgit 1.4.1