On 3 February 2017 at 05:51, Tanu Kaskinen <tanuk at iki.fi> wrote: > We disallow autospawning for root, but when using systemd socket > activation to start pulseaudio, that replaces the autospawning > mechanism, and there was no similar "root protection" in socket > activation. This patch disables the socket activation for root. > > Thanks to Felipe Sateler for coming up with the idea of using > ConditionPathIsReadWrite=!/run. I'm sorry but I'll have to take this back. This check only checks if the path is mounted read-write, not if the calling process has the necessary permissions. https://github.com/systemd/systemd/blob/master/src/shared/condition.c#L405 https://github.com/systemd/systemd/blob/master/src/basic/stat-util.c#L126 :( -- Saludos, Felipe Sateler
