diff options
| author | Maciej Krüger <mkg20001@gmail.com> | 2021-04-28 05:32:50 +0200 |
|---|---|---|
| committer | Maciej Krüger <mkg20001@gmail.com> | 2021-11-03 07:49:52 +0100 |
| commit | 5ea329958a4c987003c8d738ea1d8b9ea4e70255 (patch) | |
| tree | 6a18fca4a1c312fb426c47b2d66dfd1698fd008d | |
| parent | 1c7a7f198c319dbc1b67c6ad0124b9c6c5f34cd4 (diff) | |
| download | nixpkgs-5ea329958a4c987003c8d738ea1d8b9ea4e70255.tar nixpkgs-5ea329958a4c987003c8d738ea1d8b9ea4e70255.tar.gz nixpkgs-5ea329958a4c987003c8d738ea1d8b9ea4e70255.tar.bz2 nixpkgs-5ea329958a4c987003c8d738ea1d8b9ea4e70255.tar.lz nixpkgs-5ea329958a4c987003c8d738ea1d8b9ea4e70255.tar.xz nixpkgs-5ea329958a4c987003c8d738ea1d8b9ea4e70255.tar.zst nixpkgs-5ea329958a4c987003c8d738ea1d8b9ea4e70255.zip | |
virtualisation.lxc: add the overrides from distrobuilder
| -rw-r--r-- | nixos/modules/virtualisation/lxc-container.nix | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index 9cc5c829e12..d69ce4cf0bc 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -105,6 +105,14 @@ in extraCommands = "mkdir -p proc sys dev"; }); + # Add the overrides from lxd distrobuilder + systemd.extraConfig = '' + [Service] + ProtectProc=default + ProtectControlGroups=no + ProtectKernelTunables=no + ''; + # Allow the user to login as root without password. users.users.root.initialHashedPassword = mkOverride 150 ""; |