Am 31.10.2014 um 18:06 schrieb Fisher, Charles J. (Top Echelon):
From: systemd-devel [mailto:systemd-devel-boun...@lists.freedesktop.org] On Behalf Of Reindl HaraldFor some reason, the iptables didn't happen. Maybe it needs to be fully qualified.yes it needs to be as any other path the documentation is very clear hereNo, [unix] user oracle doesn't have permission to run iptables.
but it needs to be full qualified anyways
I either need to sudo something up, or put this elsewhere. Letting different commands run with different uids/gids would be a nice feature
"PermissionsStartOnly=true" exists and so you can have helper processes as root while restrict the main process - anything else is hardly maintainable with the now clear ini-style of a unit
signature.asc
Description: OpenPGP digital signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
