From 7f28bf9a435b6ddcf58d760cef4cb4734b55bcee Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Thu, 18 Sep 2014 23:23:46 +0200 Subject: system: Add udev rule for /dev/kvm. * gnu/services/base.scm (kvm-udev-rule): New procedure. (udev-service): Use it, and add it to RULES. (guix-build-accounts): Add "kvm" to the 'supplementary-groups' field. * gnu/system/shadow.scm (%base-groups): Add "kvm". --- gnu/services/base.scm | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'gnu/services/base.scm') diff --git a/gnu/services/base.scm b/gnu/services/base.scm index b38d3e3765..3bb4f9721b 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -418,7 +418,7 @@ starting at FIRST-UID, and under GID." ;; guix-daemon expects GROUP to be listed as a ;; supplementary group too: ;; . - (supplementary-groups (list group)) + (supplementary-groups (list group "kvm")) (comment (format #f "Guix Build User ~2d" n)) (home-directory "/var/empty") @@ -526,10 +526,31 @@ item of @var{packages}." (guix build utils)) #:local-build? #t)) +(define* (kvm-udev-rule) + "Return a directory with a udev rule that changes the group of +@file{/dev/kvm} to \"kvm\" and makes it #o660." + ;; Apparently QEMU-KVM used to ship this rule, but now we have to add it by + ;; ourselves. + (gexp->derivation "kvm-udev-rules" + #~(begin + (use-modules (guix build utils)) + + (define rules.d + (string-append #$output "/lib/udev/rules.d")) + + (mkdir-p rules.d) + (call-with-output-file + (string-append rules.d "/90-kvm.rules") + (lambda (port) + (display "\ +KERNEL==\"kvm\", GROUP=\"kvm\", MODE=\"0660\"\n" port)))) + #:modules '((guix build utils)))) + (define* (udev-service #:key (udev eudev) (rules '())) "Run @var{udev}, which populates the @file{/dev} directory dynamically. Get extra rules from the packages listed in @var{rules}." - (mlet* %store-monad ((rules (udev-rules-union (cons udev rules))) + (mlet* %store-monad ((kvm (kvm-udev-rule)) + (rules (udev-rules-union (cons* udev kvm rules))) (udev.conf (text-file* "udev.conf" "udev_rules=\"" rules "/lib/udev/rules.d\"\n"))) -- cgit 1.4.1