[systemd-devel] RootDirectory combined with PrivateUsers=true

Victor Näslund victor.naslund at greyhash.se
Sun Aug 27 15:46:13 UTC 2017


Hi,

Is it possible to combine these RootDirectory=/foo and PrivateUsers=true
directives?
I am getting the systemd error:


*● sectest.service - Sectests*
*   Loaded: loaded (/usr/lib/systemd/system/sectest.service; disabled;
vendor preset: disabled)*
*   Active: failed (Result: exit-code) since Sun 2017-08-27 15:30:04 UTC;
10ms ago*
*  Process: 19128 ExecStart=/true (code=exited, status=217/USER)*
* Main PID: 19128 (code=exited, status=217/USER)*


I am not sure what exactly is wrong since it works with either PrivateUsers
or RootDirectory but not combined.

I am using latest fedora with:
systemd 233
+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN
default-hierarchy=hybrid

Here is my service file:

[Unit]
Description=Sectests

[Service]
Type=oneshot

RootDirectory=/chroot/
RootDirectoryStartOnly=true

PrivateUsers=true

# simply copied /usr/bin/true to /chroot/ and the libs and such to make a
chroot work as stated in the docs, it works without PrivateUsers but now
with.
ExecStart=/true

ExecReload=/bin/kill -s HUP $MAINPID

MountAPIVFS=true
PrivateDevices=true

KillSignal=SIGQUIT


[Install]
WantedBy=multi-user.target

---

Thanks in advance for any help.

Sincerely

Victor Näslund
Greyhash AB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20170827/b968e39b/attachment.html>


More information about the systemd-devel mailing list