IRC from #systemd
[11:57] <cpaelzer> Hi, I'm *almost* happy with RuntimeDirectory and RuntimeDirectoryMode - I'd need to set user/group as well. doc says set User/Group, but that breaks the actual ExecStart :-/
[11:57] <cpaelzer> I'd almost need an inverse of PermissionsStartOnly
[11:58] <boucman_work> I don't know... using an unused tty/pty pair would have been my guess, but I never really understood how those worked, so I can't really tell you much
[11:58] <cpaelzer> any suggestions how that could be worked out (dir ownership without affecting the effective user the service is run)?
[11:59] <boucman_work> cpaelzer: I didn't understand what you are trying to do... can you rephrase?
[11:59] <cpaelzer> I want a /run/dir to be created with a specific path (=RuntimeDirectory) mode (=RuntimeDirectoryMode) and owner (=???)
[12:00] <cpaelzer> for the owner I'm supposed to set User= Group= (and that works setting the dir up that way) but I do not want User/Group to affect ExecStart
[12:00] <cpaelzer> so I wonder how I'd best set ownership of that dir on service start
[12:01] <boucman_work> so you want your service run as root, but the dir created as another owner?
[12:01] <cpaelzer> boucman_work: yes
[12:01] <boucman_work> did you try ExecStart=+ ? that might work
[12:01] <boucman_work> if not... i would abandon RuntimeDirectory and make stuff manually with ExecStartPre and ExecStopPost...
[12:02] <cpaelzer> ExecStart+= would make me lose PrivateTmp and such I think
[12:03] <boucman_work> hmm
[12:03] <cpaelzer> I can try ExecStartPre, just about every link I found on doing so with ExecStartPre pointed me to RuntimeDirectory
[12:03] <cpaelzer> but yeah, maybe my case is special and needs it via ExecStartPre :-/
[12:04] <boucman_work> yeah, RuntimeDirectory is cleaner in general, but in your particular case it can't help
[12:04] <boucman_work> i'd like to understand exactly how your app works, though... running as root but using directories owned by another user makes little sense to me...
[12:04] <boucman_work> is this an app that drops root privs at startup?
[12:05] <cpaelzer> boucman_work: yes
[12:05] <cpaelzer> it drops and changes id later on by itself after some privileged early init
[12:06] <cpaelzer> boucman_work: could ExecStart=! be an option?
[12:06] <cpaelzer> just reading about that ...
[12:07] <boucman_work> ok, normally that sort of app should not use User= and Group= at all... so maybe do not use these directives and just do the chmod in ExecStartPre... worth trying
[12:10] <boucman_work> and yes, this seems to be what you want according to the documentation
[12:11] <cpaelzer> boucman_work: thanks, it really works - I now need to check if any of the PrivateTmp/Protect* features are affected
[12:11] <cpaelzer> but the dir creation works
--
https://bugs.launchpad.net/bugs/1746444
Title: /run/chrony missing - no privileged commands possible
