[systemd-devel] Restarting a service as user instead as root
Michael Chapman
mike at very.puzzling.org
Mon Aug 13 09:51:00 UTC 2018
On Mon, 13 Aug 2018, Cecil Westerhof wrote:
> I have a service that is run as a different user as root. But only root can
> restart the service. Is there a way to make 'systemctl restart' work for
> the user that runs the service?
You could simply add some Sudo rules allowing the user to perform that
command.
Alternatively, you can write a polkit rule to describe the permissions.
For example, the following would give permission for a particular
user to restart a particular service:
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "example.service" &&
action.lookup("verb") == "restart" &&
subject.user == "username") {
return polkit.Result.YES;
}
});
See the AUTHORIZATION RULES section of the polkit(8) manpage for further
details.
More information about the systemd-devel
mailing list