I'm not sure if that's related to homectl - it seems that you're trying to
specify User= and Group= within a user service. The whole "systemd --user"
service manager (user@xxx.service) is unprivileged and runs as your user,
so it cannot change its UID anyway or set any supplementary groups except
those that it already has.

On Mon, Jul 29, 2024, 17:43 Divine Eguzouwa <divine.eguzo...@gmail.com>
wrote:

> Is it wise to use only `homectl` to manage human users *without* reciprocal
> entries in /etc/passwd, /etc/group, or /etc/shadow?
>
> $ systemd-analyze security wireplumber --user
>
> | NAME                  | Description    | Exposure    |
> | ----------------------| -------------- | ----------- |
> | ❌ User=/DynamicUser= | Service runs.. | 0.4         |
>
> → Overall exposure level for wireplumber.service...
>
>
> $ systemctl edit wireplumber.service --user
> ### Editing /home/me/.config/systemd/user/wireplumber.service.d/override.conf
> ### Anything between here and the comment below will become the contents of the...
>
> [Service]
> User=%u
> Group=%g
>
> ### Edits below this comment will be discarded
> ...
>
> $ systemctl daemon-reload --user
> $ systemctl restart wireplumber.service --user
> $ journalctl -r --unit=wireplumber --user
> systemd[851]: Failed to start Multimedia Service Session Manager.
> systemd[851]: wireplumber.service: Failed with result 'exit-code'.
> systemd[851]: wireplumber.service: Start request repeated too quickly.
> systemd[851]: wireplumber.service: Scheduled restart job, restart counter is at 5.
> systemd[851]: wireplumber.service: Failed with result 'exit-code'.
> systemd[851]: wireplumber.service: Main process exited, code=exited, status=216/GROUP
> (eplumber)[11087]: wireplumber.service: Failed at step GROUP spawning /usr/bin/wireplumber: Operation not permitted
> *(eplumber)[11087]: wireplumber.service: Failed to determine supplementary groups: Operation not permitted*
> systemd[851]: Started Multimedia Service Session Manager.
>
> homectl should already know of this user's supplementary groups, unless
> homectl is searching for them in `/etc/groups` instead?
>
> --D
>
>
>
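
Added example, not part of the thread and not systemd project code: a Python script that scans a user unit directory for the identity settings which, per the reply above, the unprivileged `systemd --user` manager cannot apply. The function names, the key list and the sample drop-in (modelled on the quoted override.conf) are assumptions constructed for this example.

```python
import os
import tempfile

# Settings that ask the service manager to switch identity or group membership.
# Assumed list for this example; User=, Group= and DynamicUser= appear in the thread.
IDENTITY_KEYS = {"User", "Group", "SupplementaryGroups", "DynamicUser"}

def identity_directives(unit_text):
    """Return (line_no, key, value) for identity settings in [Service]."""
    hits, section = [], None
    for no, raw in enumerate(unit_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue                      # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = (p.strip() for p in line.partition("="))
        # An empty value requests nothing, so only non-empty assignments count.
        if sep and value and section == "Service" and key in IDENTITY_KEYS:
            hits.append((no, key, value))
    return hits

def scan_user_units(root):
    """Walk a user unit directory; map each offending file to its hits."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            in_dropin = dirpath.endswith(".service.d") and name.endswith(".conf")
            if name.endswith(".service") or in_dropin:
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8") as fh:
                    hits = identity_directives(fh.read())
                if hits:
                    report[os.path.relpath(path, root)] = hits
    return report

# Constructed sample: the drop-in from the quoted message.
SAMPLE_OVERRIDE = "### Editing override.conf\n[Service]\nUser=%u\nGroup=%g\n"

def demo():
    with tempfile.TemporaryDirectory() as root:
        dropin = os.path.join(root, "wireplumber.service.d")
        os.makedirs(dropin)
        with open(os.path.join(dropin, "override.conf"), "w", encoding="utf-8") as fh:
            fh.write(SAMPLE_OVERRIDE)
        return scan_user_units(root)

if __name__ == "__main__":
    print(demo())
```

To check a real account, call `scan_user_units` on `~/.config/systemd/user`, the directory shown in the quoted `systemctl edit` output.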