[systemd-devel] jailrooting services with RootDirectory - how ?
Michael Chapman
mike at very.puzzling.org
Wed Sep 28 08:11:14 UTC 2022
> Is there a simple demo example that uses it that I could try ?
This worked for me:
$ cd /tmp/root
$ cat hello.c
#include <stdio.h>
int main(void) {
puts("Hello, world!");
}
$ clang -static -o hello hello.c
$ cat /etc/systemd/system/hello.service
[Service]
Type=oneshot
ExecStart=/hello
RootDirectory=/tmp/root
$ systemctl daemon-reload
$ systemctl start hello.service
$ systemctl status hello.service
○ hello.service
Loaded: loaded (/etc/systemd/system/hello.service; static)
Active: inactive (dead)
Sep 28 18:07:35 hostname systemd[1]: Finished hello.service.
Sep 28 18:08:54 hostname systemd[1]: Starting hello.service...
Sep 28 18:08:54 hostname hello[510676]: Hello, world!
Sep 28 18:08:54 hostname systemd[1]: hello.service: Deactivated successfully.
Sep 28 18:08:54 hostname systemd[1]: Finished hello.service.
More information about the systemd-devel
mailing list