[systemd-devel] Best practice for prepopulating the CacheDirectory of dynamic users
Lennart Poettering
lennart at poettering.net
Wed Feb 28 17:13:45 UTC 2018
On Mi, 28.02.18 17:38, Antoine Pietri (antoine.pietri1 at gmail.com) wrote:
> On Wed, Feb 28, 2018 at 5:24 PM, Lennart Poettering
> <lennart at poettering.net> wrote:
> > Does it have to be a writable copy? if not you could just do '-p
> > BindReadOnlyPaths=/path/to/my/source:/var/cache/mywrapper'
>
> Yes it does, the build happens in place.
>
> > That said, maybe we should add a concept of TemplateCacheDirectory= or
> > so, which would allow prepopulating the dir from some external
> > source.
>
> That would be cool, although if we can treat /var/cache/private as an
> API, it might be redundant with just using /var/cache/private as the
> template cache directory directly?
Well, if we'd have TemplateCacheDirectory= then you could do fun stuff
like having a single template dir, but multiple instances, and each
time you start a new instance it gets its own private copy
transparently and magically.
>
> >> - My current workaround is to shell-out to `systemd-run -p
> >> DynamicUser=yes ...` first to do a mkdir -p, then for a cp -R. This
> >> solution requires a lot of boilerplate from the Python wrapper and
> >> takes more time for no good reason, so I think it's not ideal.
> >
> > This sounds OK to me tbh.
>
> Okay! Does that also apply to the other possible approach I sent in my
> second mail? (Running a `dummy sh -c read` service with systemd-run,
> do the setup and kill it when the setup is done). The advantage of
> that one is that you can do any arbitrary processing while staying in
> the Python code.
I am not sure I follow?
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list