On Fri, Nov 14, 2025 at 04:45:41PM +0100, Jocelyn Falempe wrote: > Ok I though full paths in systemd units are there for security reason.
We started resolving paths using a fixed $PATH a few year ago. Originally the stated reason for not doing that was selinux, but that never made sense to me, because we now that we resolve the paths selinux works the same as before. > Looking in /usr/lib/systemd/system, almost all units are using full path. > But I don't know if it's for historical or technical reason. A lot of those paths are for /usr/lib/systemd/*, which is not in the fixed $PATH that used by systemd, so the full path is required there. Using full paths like /sbin/*, /bin/*, /usr/bin/*, /usr/sbin/* is OK, but unnecessary. (Especially now that all those paths resolve to /usr/bin/, so there is no practical difference whatsoever.) But a lot of those are still present for historical reasons. One of the reasons that I wanted to get rid of the full paths was that those paths were at one point the primary source of difference between distributions: units that otherwise would be fully portable required templating. To some extent, this is still the case for the kmscon units: you are passing them through a templating mechanism which is now unnecessary. Zbyszek -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
