diff options
| author | Julien Moutinho <julm+nixpkgs@sourcephile.fr> | 2020-08-08 02:01:35 +0200 |
|---|---|---|
| committer | Julien Moutinho <julm+nixpkgs@sourcephile.fr> | 2020-09-06 07:43:03 +0200 |
| commit | fb6d63f3fdd95a5468d43a0693c8ca7c1894363f (patch) | |
| tree | 44edb88b751700b3e611999eb2998b6b518adb71 /nixos/modules/virtualisation/lxd.nix | |
| parent | 539ae5c93299cadc0664cfff2ffc69a9386caf6d (diff) | |
| download | nixpkgs-fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.tar nixpkgs-fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.tar.gz nixpkgs-fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.tar.bz2 nixpkgs-fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.tar.lz nixpkgs-fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.tar.xz nixpkgs-fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.tar.zst nixpkgs-fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.zip | |
apparmor: fix and improve the service
Diffstat (limited to 'nixos/modules/virtualisation/lxd.nix')
| -rw-r--r-- | nixos/modules/virtualisation/lxd.nix | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix index 3958fc2c1d7..876956f654b 100644 --- a/nixos/modules/virtualisation/lxd.nix +++ b/nixos/modules/virtualisation/lxd.nix @@ -93,11 +93,15 @@ in security.apparmor = { enable = true; - profiles = [ - "${cfg.lxcPackage}/etc/apparmor.d/usr.bin.lxc-start" - "${cfg.lxcPackage}/etc/apparmor.d/lxc-containers" - ]; packages = [ cfg.lxcPackage ]; + policies = { + "bin.lxc-start".profile = '' + include ${cfg.lxcPackage}/etc/apparmor.d/usr.bin.lxc-start + ''; + "lxc-containers".profile = '' + include ${cfg.lxcPackage}/etc/apparmor.d/lxc-containers + ''; + }; }; systemd.services.lxd = { |