steveej-nuc7pjyh-work: manage /dev/sgx devices via a sgx group & adapt posh to handle groups #37
2 changed files with 3 additions and 0 deletions
|
|
@ -2,6 +2,8 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
in {
|
in {
|
||||||
|
services.udev.extraRules = ''SUBSYSTEM=="sgx", MODE="0660", GROUP="sgx"'';
|
||||||
|
users.groups.sgx = {};
|
||||||
networking.hostName = "steveej-nuc7pjyh-work"; # Define your hostname.
|
networking.hostName = "steveej-nuc7pjyh-work"; # Define your hostname.
|
||||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_sgx_latest;
|
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_sgx_latest;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,7 @@ in {
|
||||||
uid = 1001;
|
uid = 1001;
|
||||||
openssh.authorizedKeys.keys = keys.users.steveej.openssh;
|
openssh.authorizedKeys.keys = keys.users.steveej.openssh;
|
||||||
shell = pkgs.posh { image = "quay.io/enarx/fedora"; run_args = "-v /dev/sgx:/dev/sgx"; };
|
shell = pkgs.posh { image = "quay.io/enarx/fedora"; run_args = "-v /dev/sgx:/dev/sgx"; };
|
||||||
|
extraGroups = [ "sgx" ];
|
||||||
|
|
||||||
subUidRanges = [{ startUid = 100000; count = 65536; }];
|
subUidRanges = [{ startUid = 100000; count = 65536; }];
|
||||||
subGidRanges = [{ startGid = 100000; count = 65536; }];
|
subGidRanges = [{ startGid = 100000; count = 65536; }];
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue