On Wed, 14 Dec 2016, Samuel Williams wrote:
Reindl, I understand where you are coming from, but I'm not sure I
understand what the alternative you are proposing is, are you
suggesting I use su?
Putting aside the issue of having users link their own units into the
system configuration -- as pointed out else in this thread, that comes
with a *lot* of security issues -- you don't even need sudo or su to allow
users to control system units.
systemd uses polkit for authentication, and you can write polkit rules to
grant access to particular operations on particular units to particular
users or groups.
Unfortunately this feature isn't particularly well-documented at the
moment, but you can take a look at an example at the top of:
https://github.com/systemd/systemd/pull/1159
More details on these rule files are in the polkit(8) manpage, under
Authorization Rules.
- Michael
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
