diff options
| author | Mario Rodas <marsam@users.noreply.github.com> | 2023-09-28 12:50:02 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-28 12:50:02 -0500 |
| commit | 64b59ffa8d129c02f38750ec74cc9a47241f6435 (patch) | |
| tree | 31940360effbfcdceab8c3877ed6997bd6ef6777 | |
| parent | blender: 3.6.3 -> 3.6.4 (#257543) (diff) | |
| download | nixpkgs-origin/revert-255116-lxd/udev-container.tar.gz | |
Revert "systemd: allow udev-trigger to run on lxd containers with nesting"origin/revert-255116-lxd/udev-container
| -rw-r--r-- | nixos/modules/system/boot/systemd.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/virtualisation/lxc-container.nix | 19 |
2 files changed, 10 insertions, 11 deletions
diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 06027a946b20..8e38072b4c6d 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -53,7 +53,7 @@ let "systemd-udevd-kernel.socket" "systemd-udevd.service" "systemd-udev-settle.service" - ] ++ (optional (!config.boot.isContainer || config.virtualisation.lxc.nestedContainer) "systemd-udev-trigger.service") ++ [ + ] ++ (optional (!config.boot.isContainer) "systemd-udev-trigger.service") ++ [ # hwdb.bin is managed by NixOS # "systemd-hwdb-update.service" diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index 7f01b4504331..9402d3bf37d0 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -9,16 +9,15 @@ in { options = { virtualisation.lxc = { - nestedContainer = lib.mkEnableOption (lib.mdDoc '' - Whether this container is configured as a nested container. On LXD containers this is recommended - for all containers and is enabled with `security.nesting = true`. - ''); - - privilegedContainer = lib.mkEnableOption (lib.mdDoc '' - Whether this LXC container will be running as a privileged container or not. If set to `true` then - additional configuration will be applied to the `systemd` instance running within the container as - recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). - ''); + privilegedContainer = lib.mkOption { + type = lib.types.bool; + default = false; + description = lib.mdDoc '' + Whether this LXC container will be running as a privileged container or not. If set to `true` then + additional configuration will be applied to the `systemd` instance running within the container as + recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). + ''; + }; }; }; |