libvirtd-service: give access to users in the "libvirtd" group

Currently only root has access. But with this patch all users in "libvirtd" group will have access. This is similar to how it's done on Ubuntu. Also, add virtualisation.libvirtd.extraConfig option for further customization of libvirtd.conf.
NixOS · Aug 15, 2013 · f7d11af · f7d11af
1 parent 2dca842
commit f7d11af
Showing 1 changed file with 20 additions and 1 deletion.
diff --git a/modules/virtualisation/libvirtd.nix b/modules/virtualisation/libvirtd.nix
@@ -7,6 +7,13 @@ with pkgs.lib;
 let
 
   cfg = config.virtualisation.libvirtd;
+  configFile = pkgs.writeText "libvirtd.conf" ''
+    unix_sock_group = "libvirtd"
+    unix_sock_rw_perms = "0770"
+    auth_unix_ro = "none"
+    auth_unix_rw = "none"
+    ${cfg.extraConfig}
+  '';
 
 in
 
@@ -36,6 +43,16 @@ in
           '';
       };
 
+    virtualisation.libvirtd.extraConfig =
+      mkOption {
+        default = "";
+        description =
+          ''
+            Extra contents appended to the libvirtd configuration file,
+            libvirtd.conf.
+          '';
+      };
+
   };
 
 
@@ -83,7 +100,7 @@ in
             done
           ''; # */
 
-        serviceConfig.ExecStart = "@${pkgs.libvirt}/sbin/libvirtd libvirtd --daemon --verbose";
+        serviceConfig.ExecStart = ''@${pkgs.libvirt}/sbin/libvirtd libvirtd --config "${configFile}" --daemon --verbose'';
         serviceConfig.Type = "forking";
         serviceConfig.KillMode = "process"; # when stopping, leave the VMs alone
 
@@ -124,6 +141,8 @@ in
         serviceConfig.RemainAfterExit = true;
       };
 
+    users.extraGroups.libvirtd = {};
+
   };
 
 }