NixOS containers: Create /root with 700 permission

Systemd-nspawn creates /root with 755 permission if it doesn't exist, which is bad. So we have to create it ourselves before calling systemd-nspawn.
2024-11-24 16:03:23 +00:00 · 2015-01-15 17:51:43 +01:00 · 2015-01-15 17:51:43 +01:00 · 3ca275d7ba
commit 3ca275d7ba
parent d5f63e9626
1 changed files with 1 additions and 1 deletions
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@ -194,7 +194,7 @@ in
        script =
          ''
            mkdir -p -m 0755 "$root/etc" "$root/var/lib"
-            mkdir -p -m 0700 "$root/var/lib/private"
+            mkdir -p -m 0700 "$root/var/lib/private" "$root/root"
            if ! [ -e "$root/etc/os-release" ]; then
              touch "$root/etc/os-release"
            fi