Learning Help: modeling system-user services with `run0`

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Assuming: run0 (and all of systemd for that matter) security works by sandboxing a service's "cgroup-namespace environment" (i.e., through User=/Group=, and/or NoNewPrivilages=, and/or etc.) and directly executing the given command therin...

I have a chain of services that executes a process belonging to User=/Group=one, that will read from a specific directory belonging to User=/Group=two, subsequently resulting in running a /bin executable that belongs to User=/Group=ANY

Please walk me through how to model run0 --user to accomplish this in an "environment" without authentication? So far I keep bumping into "Failed to start transient service unit: Interactive authentication required." errors which leads me to believe that my earlier assumption is incorrect

-D
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux