[systemd-devel] runtime directories for services vs. tmpfiles
lennart at poettering.net
Wed Jul 17 06:51:03 PDT 2013
On Wed, 17.07.13 11:07, Michael Biebl (mbiebl at gmail.com) wrote:
> 2013/7/16 Lennart Poettering <lennart at poettering.net>:
> > I'd be very conservative regarding adding full tmpfiles support into
> > unit files directly. Instead, I'd suggest adding two very minimal, very
> > specific new unit file settings:
> > RuntimeDirectory=
> > RuntimeDirectoryMode=
> > If RuntimeDirectory= is set we'd create it and chown() it to the UID/GID
> > set with User= and Group=. We'd apply the mode specified in
> > RuntimeDirectoryMode= to it.
> What about daemons which drop privileges on their own? Shouldn't we
> provide a directive to set the directory owner/group?
If they drop privs on their own they *really* should also just create
the runtime dirs along with it, after all they are privileged first. And
most already do actually.
Lennart Poettering - Red Hat, Inc.
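
The approach the reply describes for a daemon that drops privileges on its own, as an added example (not code from this thread or from systemd): create and chown the runtime directory while still privileged, then drop. The function names and the sequence of calls are this example's assumptions.

```c
/* Added example: a self-dropping daemon prepares its runtime directory
 * first, while it is still allowed to chown() it. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create `path` (or adopt an existing real directory), then set owner and
 * mode through a directory fd so a symlink placed at `path` is not followed. */
int prepare_runtime_dir(const char *path, mode_t mode, uid_t uid, gid_t gid)
{
    if (mkdir(path, 0700) < 0 && errno != EEXIST)
        return -1;
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;          /* symlink or non-directory at `path` */
    int r = 0;
    if (fchown(fd, uid, gid) < 0 || fchmod(fd, mode) < 0)
        r = -1;
    close(fd);
    return r;
}

/* Permanently switch to uid/gid: supplementary groups, then gid, then uid.
 * Afterwards confirm that root cannot be regained. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgroups(0, NULL) < 0 || setgid(gid) < 0 || setuid(uid) < 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Start-up order for the daemon: directory first, privilege drop second. */
int daemon_startup(const char *dir, mode_t mode, uid_t uid, gid_t gid)
{
    if (prepare_runtime_dir(dir, mode, uid, gid) < 0)
        return -1;
    return drop_privileges(uid, gid);
}
```

Reversing the two steps in `daemon_startup` fails for a directory under `/run`, because the unprivileged user can neither create nor chown it.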