[systemd-devel] PrivateDevices=true blocks use of ttys?

Lennart Poettering lennart at poettering.net
Fri Dec 26 15:36:07 PST 2014


On Fri, 26.12.14 13:37, Alison Chaiken (alison at she-devel.com) wrote:

> On Fedora 21, I created a unit file in which I included
> 'PrivateDevices=true'. When I attempt to start the unit from the text
> console, the unit fails, and 'systemctl status -l' reports:
> 
> startx[2754]: (EE) xf86OpenConsole: Cannot open /dev/tty0 (No such file or
> directory)

X requires access to DRI and input devices, and cannot run in
PrivateDevices= because of that.

> 
> When I take 'PrivateDevices=true' out of the unit file, it works fine.
> The man page for systemd.exec reads
> 
> PrivateDevices=
> Takes a boolean argument. If true, sets up a new /dev namespace for the
> executed processes and only adds API pseudo devices such as /dev/null,
> /dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it, but
> no physical devices such as /dev/sda.
> 
> Isn't /dev/tty0 a pseudo TTY? Shouldn't a service that has
> 'PrivateDevices=true' be able to access /dev/tty0? I'm willing to
> investigate further to see if there's a bug, but want to make sure that I
> understand the expected behavior first.

/dev/tty0 is part of the VT subsystem and it's not a pseudo tty in the
UNIX sense. The pseudo tty devices are those under /dev/pts/, as
documented in pts(4) and pty(7).

The VT subsystem and serial devices are explicitly not included in
what PrivateDevices= covers.

Lennart

-- 
Lennart Poettering, Red Hat
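
The VT / serial / pseudo-tty distinction drawn in the reply above can be checked from a device node's major:minor numbers. The script below is an added example, not part of the original thread or of systemd. The function names are hypothetical, the numbers are the Linux kernel's standard character-device assignments, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example (not from the thread): classify a character device by its
# Linux major:minor and report what the reply says about PrivateDevices=.

# classify_chardev MAJOR MINOR (decimal) -> category name on stdout
classify_chardev() {
    major=$1 minor=$2
    case "$major" in
        1) case "$minor" in
               3|5|7|8|9) echo "api-pseudo" ;; # null, zero, full, random, urandom
               *) echo "other" ;;              # e.g. /dev/mem, /dev/kmsg
           esac ;;
        4) if [ "$minor" -le 63 ]; then
               echo "vt"                       # /dev/tty0 .. /dev/tty63
           else
               echo "serial"                   # /dev/ttyS0 starts at minor 64
           fi ;;                               # (USB serial etc. use other majors)
        5) if [ "$minor" -eq 2 ]; then
               echo "pty-master"               # /dev/ptmx, see pty(7)
           else
               echo "other"                    # /dev/tty, /dev/console
           fi ;;
        *) if [ "$major" -ge 136 ] && [ "$major" -le 143 ]; then
               echo "pty-slave"                # /dev/pts/N, see pts(4)
           else
               echo "other"
           fi ;;
    esac
}

# private_dev_verdict CATEGORY -> present | absent | not-stated (per this thread)
private_dev_verdict() {
    case "$1" in
        api-pseudo|pty-master|pty-slave) echo "present" ;;
        vt|serial) echo "absent" ;;
        *) echo "not-stated" ;;
    esac
}

# classify_path PATH -> category, or "missing" if no such character device
classify_path() {
    [ -c "$1" ] || { echo "missing"; return 0; }
    set -- $(stat -c '%t %T' "$1")             # hex major and minor
    classify_chardev "$((0x$1))" "$((0x$2))"
}

# Usage: sh script.sh /dev/tty0 /dev/ttyS0 /dev/ptmx /dev/null
for p in "$@"; do
    c=$(classify_path "$p")
    echo "$p: $c ($(private_dev_verdict "$c"))"
done
```

Run from inside a unit that sets PrivateDevices=true, `/dev/tty0` reports as `missing`, which matches the "No such file or directory" error in the quoted log.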

