diff options
| author | Jörg Thalheim <joerg@thalheim.io> | 2018-04-09 08:13:23 +0100 |
|---|---|---|
| committer | Jörg Thalheim <joerg@thalheim.io> | 2018-04-09 08:15:00 +0100 |
| commit | e8cfda7f13d88f80253951edcb4c944972ba4b2c (patch) | |
| tree | ed5cc3239fcb6a6d067e5b89a04ac07023646872 | |
| parent | 8f9b21212d411e75a73585175b87cbc60aa0c983 (diff) | |
| download | nixpkgs-e8cfda7f13d88f80253951edcb4c944972ba4b2c.tar nixpkgs-e8cfda7f13d88f80253951edcb4c944972ba4b2c.tar.gz nixpkgs-e8cfda7f13d88f80253951edcb4c944972ba4b2c.tar.bz2 nixpkgs-e8cfda7f13d88f80253951edcb4c944972ba4b2c.tar.lz nixpkgs-e8cfda7f13d88f80253951edcb4c944972ba4b2c.tar.xz nixpkgs-e8cfda7f13d88f80253951edcb4c944972ba4b2c.tar.zst nixpkgs-e8cfda7f13d88f80253951edcb4c944972ba4b2c.zip | |
lxc: enable pam_cgfs and fix module
pam_cgfs was part in lxcfs before and moved here fixes #37985
| -rw-r--r-- | nixos/modules/security/pam.nix | 2 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/lxc/default.nix | 18 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/lxcfs/default.nix | 4 |
3 files changed, 7 insertions, 17 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index e1cad03e66e..f2bdfcf885e 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -386,7 +386,7 @@ let ${optionalString (cfg.enableGnomeKeyring) "session optional ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start"} ${optionalString (config.virtualisation.lxc.lxcfs.enable) - "session optional ${pkgs.lxcfs}/lib/security/pam_cgfs.so -c freezer,memory,name=systemd,unified,cpuset"} + "session optional ${pkgs.lxc}/lib/security/pam_cgfs.so -c all"} ''); }; diff --git a/pkgs/os-specific/linux/lxc/default.nix b/pkgs/os-specific/linux/lxc/default.nix index 62c9e60bbdd..1b15edcc923 100644 --- a/pkgs/os-specific/linux/lxc/default.nix +++ b/pkgs/os-specific/linux/lxc/default.nix @@ -1,14 +1,11 @@ { stdenv, fetchurl, fetchpatch, autoreconfHook, pkgconfig, perl, docbook2x -, docbook_xml_dtd_45, python3Packages +, docbook_xml_dtd_45, python3Packages, pam # Optional Dependencies , libapparmor ? null, gnutls ? null, libselinux ? null, libseccomp ? null -, cgmanager ? null, libnih ? null, dbus ? null, libcap ? null, systemd ? null +, libcap ? null, systemd ? null }: -let - enableCgmanager = cgmanager != null && libnih != null && dbus != null; -in with stdenv.lib; stdenv.mkDerivation rec { name = "lxc-${version}"; @@ -23,7 +20,7 @@ stdenv.mkDerivation rec { autoreconfHook pkgconfig perl docbook2x python3Packages.wrapPython ]; buildInputs = [ - libapparmor gnutls libselinux libseccomp cgmanager libnih dbus libcap + pam libapparmor gnutls libselinux libseccomp libcap python3Packages.python python3Packages.setuptools systemd ]; @@ -37,15 +34,8 @@ stdenv.mkDerivation rec { XML_CATALOG_FILES = "${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml"; - # FIXME - # glibc 2.25 moved major()/minor() to <sys/sysmacros.h>. - # this commit should detect this: https://github.com/lxc/lxc/pull/1388/commits/af6824fce9c9536fbcabef8d5547f6c486f55fdf - # However autotools checks if mkdev is still defined in <sys/types.h> runs before - # checking if major()/minor() is defined there. The mkdev check succeeds with - # a warning and the check which should set MAJOR_IN_SYSMACROS is skipped. - NIX_CFLAGS_COMPILE = [ "-DMAJOR_IN_SYSMACROS" ]; - configureFlags = [ + "--enable-pam" "--localstatedir=/var" "--sysconfdir=/etc" "--disable-api-docs" diff --git a/pkgs/os-specific/linux/lxcfs/default.nix b/pkgs/os-specific/linux/lxcfs/default.nix index 8c381877fdc..6f7dd2f56ff 100644 --- a/pkgs/os-specific/linux/lxcfs/default.nix +++ b/pkgs/os-specific/linux/lxcfs/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, help2man, fuse, pam +{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, help2man, fuse , enableDebugBuild ? false }: with stdenv.lib; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ pkgconfig help2man autoreconfHook ]; - buildInputs = [ fuse pam ]; + buildInputs = [ fuse ]; preConfigure = stdenv.lib.optionalString enableDebugBuild '' sed -i 's,#AM_CFLAGS += -DDEBUG,AM_CFLAGS += -DDEBUG,' Makefile.am |