[systemd-devel] DynamicUser in instantiated (and socket-activated) units
Lennart Poettering
lennart at poettering.net
Tue Jan 21 16:08:14 UTC 2020
On Di, 21.01.20 16:02, Leonid Isaev (leonid.isaev at ifax.com) wrote:
> On Tue, Jan 21, 2020 at 03:53:10PM +0000, Leonid Isaev wrote:
> > I am trying to sandbox processes that run via instantiated units and
> > the DynamicUser feature seems like a nice solution. However, when I start
> > several such units simultaneously, the dynamic UID, while random, is the same
> > for all instances (see below). Is this expected behavior and is there any way
> > to make UID different for each instance?
>
> Sorry, forgot to mention, it is systemd 244 on Arch Linux.
if you speciy the same user name its going to have the same uid.
use something like this:
…
[Service]
…
User=foo-%i
DynamicUser=1
…
That way you have a separate user for each instance, and the user is
called "foo-" suffixed with the instance ID. And each UID is
dynamically assigned.
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list