On 19/10/11 21:48, Richard Shaw wrote: > On Wed, Oct 19, 2011 at 3:26 PM, Lennart Poettering > <mzerqung@xxxxxxxxxxx> wrote: >> You should manage acess control of device nodes from udev rules. That's >> the only reasonably safe way to handle these things. And this should not >> be mentioned at all in systemd unit files. > > Well, that's a bit beyond me at this point. I'm not sure that anyone > using MythTV from RPM Fusion is even choosing to run mythbackend as > anyone other than root. Perhaps for the time being I won't give them a > choice. Count me as one person that does... The systemd unit I'm using at the moment (with F15) is: [Unit] Description=MythTV Backend [Service] Environment=MYTHCONFDIR=/etc/mythtv Environment=HOME=/etc/mythtv ExecStartPre=/usr/bin/setfacl -m u:mythtv:rwx -R /dev/dvb ExecStart=/usr/bin/mythbackend --user mythtv --logfile /var/log/mythtv/mythbackend.log --pidfile /var/run/mythbackend.pid ExecStopPost=/usr/bin/setfacl -x u:mythtv -R /dev/dvb PIDFile=/var/run/mythbackend.pid Restart=on-failure [Install] WantedBy=multi-user.target Tom -- Tom Hughes (tom@xxxxxxxxxx) http://compton.nu/ -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
