Hello, Isn't there UID mapping support for this purpose? For that specific NFS mount, you could map whatever UID it is to UID 0 Best, Adrian <div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Thu, Mar 27, 2025, 15:03 James Muir (jamesmui) <<a href="mailto:jamesmui@cisco.com">jamesmui@cisco.com</a>> wrote: </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div lang="EN-CA" link="#467886" vlink="#96607D" style="word-wrap:break-word"> <div class="m_6441784459194281163WordSection1"> > > Is there a conf option or an environment variable I can use to disable the unsafe path transition check? > > No there is not. It's a security hole what you are doing there... > > > Failing that, is there a way I can change the ownership systemd-tmpfiles sees? > > Why not just fix the ownership of the root inode? i.e. actually fix > the original problem that causes the message to show? The root filesystem is mounted read-only because the nfs server only allows read-only exports (i.e. "ro"). So, "chown root:root /" does not work on the client. And on the server, I do not have root access. <div id="m_6441784459194281163mail-editor-reference-message-container"> <div> <div> <div> </div> </div> </div> </div> </div> </div> </blockquote></div>