Hello,

We, at Axis, have a monolithic operating system backed by a platform. There are 
teams behind the services making up the operating system and we have quite a 
few services. We have been investigating sandboxing these services and of course 
systemd sandboxing directives are a way to go. The problem is that it is not 
realistic for us to expect teams to be on top of the directives and apply the 
right ones they need (and keep them updated). There shine the portable 
services for us with their “profiles”. We are trying to sandbox these services 
while giving them some host access. There shone, for example, how the default 
profile is set up by giving dbus access (binding the dbus system socket into a 
portable service). We would like to create a base runtime and expect services 
to use the base runtime, still giving them the option of overriding the 
runtime. There shone the stackable services with the latest “extension” support. 
All in all it fits our use case very well.

I am aware that portable services are still being enhanced, but who out there is 
using them? I am curious about their use case. (Sorry, couldn’t wait for spring in 
Berlin).

Seems like DynamicUser is part of the default profile and DynamicUser is a 
good thing. Seems like systemd creates a username with the same name as the 
portable service. Does it work with username-based dbus policies? Is it that we 
need to be very careful regarding who can start a portable service, in case they 
re-use a service name to get around dbus rules (vs. who can edit /etc/passwd)?

Thanks in advance
Umut
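As an added illustration of the setup the mail describes (this is example configuration written for this thread, not Axis's runtime or a file shipped by systemd), here is a custom portable-service profile that keeps the DynamicUser and dbus-socket bind of the stock `default` profile while tightening a few other directives. The profile name `axis-base` and the service name `myservice` are placeholders; the profile directory layout (`/usr/lib/systemd/portable/profile/<name>/service.conf`, selected with `portablectl attach --profile=<name>`) and every directive used are standard systemd ones.

```ini
# /usr/lib/systemd/portable/profile/axis-base/service.conf  (example, not stock)
#
# A portable profile is an ordinary drop-in applied to every unit attached with
# --profile=axis-base. Teams ship their unit files without sandboxing lines and
# inherit these; a service that needs more can still override a directive in its
# own drop-in, since later drop-ins win.
[Service]
# Allocate a transient UID/GID for the lifetime of the service. Because no User=
# is set, the account name is derived from the unit name, so myservice.service
# runs as user "myservice". A D-Bus policy written as <policy user="myservice">
# therefore keys off the unit name, which is why control over who may attach an
# image that claims that name matters as much as control over /etc/passwd.
DynamicUser=yes

# Host access deliberately granted to the sandbox: the system bus socket and the
# journal socket, nothing else from /run.
BindReadOnlyPaths=/run/dbus/system_bus_socket
BindReadOnlyPaths=/run/systemd/journal/socket

# Everything below is the restrictive baseline the teams do not have to remember.
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
LockPersonality=yes
RemoveIPC=yes
NoNewPrivileges=yes
```

After attaching an image with `portablectl attach --profile=axis-base myservice.raw`, `systemctl show myservice.service -p DynamicUser -p BindReadOnlyPaths` confirms which profile lines actually took effect, and `systemd-analyze security myservice.service` gives a quick score of the resulting sandbox. Since the dbus policy trusts the account name, the practical mitigation for the concern raised above is to restrict who can run `portablectl attach` (it requires privileges via polkit or root) and to treat the set of attachable image names as a managed allow-list rather than something any image may claim.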
