[systemd-devel] [PATCH] TODO: Simple conditionals in tmpfiles

Colin Walters walters at verbum.org
Sat Mar 1 07:03:17 PST 2014


On Fri, Feb 28, 2014 at 9:36 AM, Josh Triplett <josh at joshtriplett.org> 
wrote:
> ---
> 
> Strawman proposal, open to suggestions.
> 
...
> 
> +  - Simple conditionals: "C path mode user group - (tmpfiles-line)" 
> does tmpfiles-line if path has mode, user, and group:
> +    C /usr/bin/screen 2755 root utmp - d /var/run/screen 0775 root 
> utmp
> +    C /usr/bin/screen 4755 root utmp - d /var/run/screen 0755 root 
> utmp
> +    C /usr/bin/screen 0755 root utmp - d /var/run/screen 1777 root 
> utmp
> 
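Review bot: The added TODO line "C path mode user group - (tmpfiles-line)" leaves the match semantics undefined. It does not say whether "has mode" is an exact comparison that includes the setuid/setgid bits (the three examples differ only in 2755, 4755 and 0755), and it does not say what happens when the path is missing or when no conditional line matches, in which case none of the three "d /var/run/screen" lines would apply. I suggest stating the comparison rule and the no-match behaviour in the entry, and saying what the "-" field stands for, since the mode of the created directory (up to 1777 in the third example) is decided entirely by the ownership and mode of the binary at the time tmpfiles runs.
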
While I know I *just* posted a mail suggesting that more service state 
move to unit files... this feels pretty hacky to me.

Are there any use cases other than screen?

I also don't like the idea of admins "configuring" via chmod on stuff 
in /usr/bin.  OSTree simply won't support that for example.

A lot of this may come back to the discussion about screen and 
sessions.  If for example, users could request a new headless session, 
then most of the screen security-related architecture would be 
completely unnecessary with systemd, since the per-user state could 
just be hooked off of the per-user runtime dir.  

The per-user runtime dir would stay alive because the headless session 
would keep the user around.

