Re: [systemd-devel] systemd - how to run system service by user target
20.10.2016 15:00, Lennart Poettering пишет: > On Thu, 20.10.16 05:23, Kamil Jońca (kjo...@o2.pl) wrote: > >> Lennart Poetteringwrites: >> >>> On Wed, 19.10.16 12:46, Kamil Jońca (kjo...@o2.pl) wrote: >>> Assume we have openvpn.service. This service neccessary only when I want to connect to my work from home. Is it possible to make user target which will be automatically run this service? >>> >>> Whenever a user logs in it will get a per-user slice unit >>> started. When the user logs out, the slice unit is removed. You could >> >> Unfortunately we cannot say about user login/logout - I have my laptop >> and it is only hibernated or sleeping. >> I thought rather about: >> >> --8<---cut here---start->8--- >> systemctl --user start work-at-home.target >> --8<---cut here---end--->8--- >> which runs vpn, mounts network discs etc. >> Is it possible? > > Well, this would require a privilege elevation. You can configure that > by invoking "systemctl start --system" on the right system units, and > then telling PK via its policy language that your user shall be > allowed to do that. But I am not PK policy pro, you'd have to check > the policy language to figure out how best to do this. > To figure out how to best to do this we need to know what information systemd provides with polkit request (i.e. which details are available to make decision upon). I could not find documentation that describes it. Without details this is all or nothing. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemd - how to run system service by user target
On Thu, 20.10.16 05:23, Kamil Jońca (kjo...@o2.pl) wrote: > Lennart Poetteringwrites: > > > On Wed, 19.10.16 12:46, Kamil Jońca (kjo...@o2.pl) wrote: > > > >> > >> Assume we have openvpn.service. > >> This service neccessary only when I want to connect to my work from > >> home. > >> > >> Is it possible to make user target which will be automatically run this > >> service? > > > > Whenever a user logs in it will get a per-user slice unit > > started. When the user logs out, the slice unit is removed. You could > > Unfortunately we cannot say about user login/logout - I have my laptop > and it is only hibernated or sleeping. > I thought rather about: > > --8<---cut here---start->8--- > systemctl --user start work-at-home.target > --8<---cut here---end--->8--- > which runs vpn, mounts network discs etc. > Is it possible? Well, this would require a privilege elevation. You can configure that by invoking "systemctl start --system" on the right system units, and then telling PK via its policy language that your user shall be allowed to do that. But I am not PK policy pro, you'd have to check the policy language to figure out how best to do this. Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemd - how to run system service by user target
Lennart Poetteringwrites: [...] > > Well, this would require a privilege elevation. You can configure that > by invoking "systemctl start --system" on the right system units, and > then telling PK via its policy language that your user shall be > allowed to do that. But I am not PK policy pro, you'd have to check > the policy language to figure out how best to do this. Well, simpler would be do system target, and run systemctl via sudo :) Thanks. KJ -- http://stopstopnop.pl/stop_stopnop.pl_o_nas.html The church is near but the road is icy; the bar is far away but I will walk carefully. -- Russian Proverb ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemd - how to run system service by user target
On Wed, 19.10.16 12:46, Kamil Jońca (kjo...@o2.pl) wrote: > > Assume we have openvpn.service. > This service neccessary only when I want to connect to my work from > home. > > Is it possible to make user target which will be automatically run this > service? Whenever a user logs in it will get a per-user slice unit started. When the user logs out, the slice unit is removed. You could make sure that your service is pulled in by this slice when the slice is started (and hence at login) and stopped whenever the slice is stopped (i.e. at last logout). There's no particularly nice scheme for that in place, but if you have well-established UIDs, it would be as easy as dropping in a symlink /etc/systemd/system/user-1000.slice.wants/ pointing to your main service file. Then, inside that file, add dependencies back to the slice, i.e. something like BindsTo=user-1000.slice I hope you get the idea of what I am suggesting here... Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] systemd - how to run system service by user target
Assume we have openvpn.service. This service neccessary only when I want to connect to my work from home. Is it possible to make user target which will be automatically run this service? KJ -- http://wolnelektury.pl/wesprzyj/teraz/ Alas, I am dying beyond my means. -- Oscar Wilde [as he sipped champagne on his deathbed] ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel