[systemd-devel] runtime directories for services vs. tmpfiles

Lennart Poettering lennart at poettering.net
Wed Jul 17 06:51:03 PDT 2013


On Wed, 17.07.13 11:07, Michael Biebl (mbiebl at gmail.com) wrote:

> 
> 2013/7/16 Lennart Poettering <lennart at poettering.net>:
> 
> > I'd be very conservative regarding adding full tmpfiles support into
> > unit files directly. Instead, I'd suggest adding two very minimal, very
> > specific new unit file settings:
> >
> > RuntimeDirectory=
> > RuntimeDirectoryMode=
> >
> > If RuntimeDirectory= is set we'd create it and chown() it to the UID/GID
> > set with User= and Group=. We'd apply the mode specified in
> > RuntimeDirectoryMode= to it.
> 
> What about daemons which drop privileges on their own? Shouldn't we
> provide a directive to set the directory owner/group?

If they drop privs on their own they *really* should also just create
the runtime dirs along with it, after all they are privileged first. And
most already do actually.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
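
An added example, not part of the original message and not code from systemd or any particular daemon: a C sketch of what the reply describes for a daemon that drops privileges on its own, creating its runtime directory while still root, handing it to the service account with the wanted mode, and only then dropping privileges. The path /run/exampled and uid/gid 990 are assumed placeholders.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* setgroups(), O_DIRECTORY, O_NOFOLLOW */
#endif
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create (or adopt) path as a directory owned by uid:gid with the given mode. */
int make_runtime_dir(const char *path, uid_t uid, gid_t gid, mode_t mode)
{
    /* 0700 first: no window in which another user can enter the directory. */
    if (mkdir(path, 0700) < 0 && errno != EEXIST)
        return -1;
    /* Refuse a symlink or non-directory planted at the final path component. */
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    /* Use the descriptor so the object cannot be swapped between calls. */
    int r = (fchown(fd, uid, gid) < 0 || fchmod(fd, mode) < 0) ? -1 : 0;
    int saved = errno;
    close(fd);
    errno = saved;
    return r;
}

/* Irreversibly drop from root to uid:gid: groups, then GID, then UID. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgroups(1, &gid) < 0 || setgid(gid) < 0 || setuid(uid) < 0)
        return -1;
    if (uid != 0 && setuid(0) == 0) {   /* regaining root must fail */
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Assumed values: the path and uid/gid 990 are placeholders. */
    if (make_runtime_dir("/run/exampled", 990, 990, 0750) < 0 ||
        drop_privileges(990, 990) < 0) {
        perror("exampled");
        return 1;
    }
    return 0;   /* the daemon's main loop would start here */
}
```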

