From: Darrick J. Wong <darrick.wong@xxxxxxxxxx> Somewhere between systemd 237 and 245, they changed the order in which a job has its uid/gid set; capabilities applied; and working directory set. Whereas before they did it in an order such that you could set the working directory to a path inaccessible to 'nobody' (either because they did it before changing the uid or after adding capabilities), now they don't and users instead get a service failure: xfs_scrub@-boot.service: Changing to the requested working directory failed: Permission denied xfs_scrub@-boot.service: Failed at step CHDIR spawning /usr/sbin/xfs_scrub: Permission denied xfs_scrub@-boot.service: Main process exited, code=exited, status=200/CHDIR Regardless, xfs_scrub works just fine with PWD set to /, so remove that directive. Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx> --- scrub/xfs_scrub@xxxxxxxxxxx | 1 - 1 file changed, 1 deletion(-) diff --git a/scrub/xfs_scrub@xxxxxxxxxxx b/scrub/xfs_scrub@xxxxxxxxxxx index 56acea67..6fb3f6ea 100644 --- a/scrub/xfs_scrub@xxxxxxxxxxx +++ b/scrub/xfs_scrub@xxxxxxxxxxx @@ -5,7 +5,6 @@ Documentation=man:xfs_scrub(8) [Service] Type=oneshot -WorkingDirectory=%I PrivateNetwork=true ProtectSystem=full ProtectHome=read-only
