On Wed, 26.05.10 19:54, Nicolas Mailhot (nicolas.mailhot@xxxxxxxxxxx) wrote: > > Le mercredi 26 mai 2010 à 19:39 +0200, Alexander Boström a écrit : > > ons 2010-05-26 klockan 10:01 +0100 skrev James Findley: > > > > > It's really not at all uncommon for me to need to modify an init script. > > > There would be much rage if in order to do this I had to download the > > > SRPM, extract the init code, figure out what I needed to change, modify > > > it, recompile then install. > > > > Various ways to deal with that: > > > > 1. Change the Exec=/usr/libexec/food to > > ExecStart=/usr/local/sbin/foodwrapper > > Won't work since one of the main things current scripts do is run some > code as root, and some other code as the target user. We already cover for that. You can set "PermissionsStartOnly=yes" in the .service file. Then, only the program specified in ExecStart= will be started with reduced permissions (i.e. with dropped priviliges, reduced caps, yadda yadda), and everything in ExecStartPre= and friends will run as normal root user. Lennart -- Lennart Poettering Red Hat, Inc. lennart [at] poettering [dot] net http://0pointer.net/lennart/ GnuPG 0x1A015CC4 -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
