Author: eelco
Date: Thu Apr 7 12:47:20 2011
New Revision: 26740
URL: https://svn.nixos.org/websvn/nix/?rev=26740&sc=1
Log:
* /var/lib/nova/networks should be readable by the `nobody' user,
because dnsmasq runs as nobody and reads its host list from there.
Modified:
nixos/trunk/modules/virtualisation/nova.nix
Modified: nixos/trunk/modules/virtualisation/nova.nix
==============================================================================
--- nixos/trunk/modules/virtualisation/nova.nix Thu Apr 7 12:47:17 2011
(r26739)
+++ nixos/trunk/modules/virtualisation/nova.nix Thu Apr 7 12:47:20 2011
(r26740)
@@ -59,7 +59,10 @@
system.activationScripts.nova =
''
- mkdir -m 700 -p /var/lib/nova
+ mkdir -m 755 -p /var/lib/nova
+ mkdir -m 755 -p /var/lib/nova/networks
+ mkdir -m 700 -p /var/lib/nova/instances
+ mkdir -m 700 -p /var/lib/nova/keys
# Allow the CA certificate generation script (called by
# nova-api) to work.
@@ -80,7 +83,9 @@
startOn = "ip-up";
- path = [ pkgs.openssl ];
+ # `openssl' is required to generate the CA. `openssh' is
+ # required to generate key pairs.
+ path = [ pkgs.openssl pkgs.openssh ];
exec = "${nova}/bin/nova-api";
};
@@ -95,6 +100,11 @@
startOn = "ip-up";
+ preStart =
+ ''
+ mkdir -m 700 -p /var/lib/nova/images
+ '';
+
exec = "${nova}/bin/nova-objectstore --nodaemon";
};
_______________________________________________
nix-commits mailing list
[email protected]
http://mail.cs.uu.nl/mailman/listinfo/nix-commits
