Per [1] I found a better solution. There is a defined entry for that in systemd, so it comes down to the even easier.
RuntimeDirectory=chrony RuntimeDirectoryMode=0770 For user&group (which we need) we also need to set User & Group but that would affect ExecStart which would break it. Via [2] and IRC discussion I found a way through that. One can set user/group but ignore it for the execution. User=_chrony Group=_chrony And add a ! at ExecStart I'll check if the Priv/Protect settings are affected (They would be at ExecStart=+. [1]: https://www.freedesktop.org/software/systemd/man/systemd.exec.html [2]: https://www.freedesktop.org/software/systemd/man/systemd.service.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1746444 Title: /run/chrony missing - no privileged commands possible To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/1746444/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
