diff options
author | Markus Kowalewski <markus.kowalewski@gmail.com> | 2020-11-29 15:58:58 +0100 |
---|---|---|
committer | Markus Kowalewski <markus.kowalewski@gmail.com> | 2020-12-16 20:34:14 +0100 |
commit | 5df0cf7461d09e38c81c3eb6a1e6393c0c40850a (patch) | |
tree | 60939c746c43399679c2123a88371b23fa82dfe3 /nixos/doc/manual/release-notes/rl-2103.xml | |
parent | f074e879fd5b13891fbcf696411253e645017f4e (diff) | |
download | nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.gz nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.bz2 nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.lz nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.xz nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.tar.zst nixpkgs-5df0cf7461d09e38c81c3eb6a1e6393c0c40850a.zip |
nixos/slurm: fix dbdserver config file handling
Since slurm-20.11.0.1 the dbd server requires slurmdbd.conf to be in mode 600 to protect the database password. This change creates slurmdbd.conf on-the-fly at service startup and thus avoids that the database password ends up in the nix store.
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-2103.xml')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2103.xml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2103.xml b/nixos/doc/manual/release-notes/rl-2103.xml index 458170e803b..2b0144a69c2 100644 --- a/nixos/doc/manual/release-notes/rl-2103.xml +++ b/nixos/doc/manual/release-notes/rl-2103.xml @@ -278,6 +278,15 @@ <xref linkend="opt-services.privoxy.enableTor" /> = true; </programlisting> </listitem> + <listitem> + <para> + The options <literal>services.slurm.dbdserver.storagePass</literal> + and <literal>services.slurm.dbdserver.configFile</literal> have been removed. + Use <literal>services.slurm.dbdserver.storagePassFile</literal> instead to provide the database password. + Extra config options can be given via the option <literal>services.slurm.dbdserver.extraConfig</literal>. The actual configuration file is created on the fly on startup of the service. + This avoids that the password gets exposed in the nix store. + </para> + </listitem> </itemizedlist> </section> |