systemd: How to start as different user?

Sun Jun 19 23:29:50 UTC 2011

2011/6/20 Reindl Harald <h.reindl at thelounge.net>:
> how to start a program as service with a defined user?
> one example below and there are many progams which can
> run headless with a restricted user - if find no option
> to do this in systemd

You should read docs

User=, Group=

    Sets the Unix user resp. group the processes are executed as.
Takes a single user resp. group name or ID as argument. If no group is
set the default group of the user is chosen.

http://0pointer.de/public/systemd-man/systemd.exec.html

>
> BTW:
> the name "sytemd" makes your life hard googling for informations
> since google seems to think the "d" is a typo
>
> #!/bin/bash
> ### BEGIN INIT INFO
> # Provides: ffserver
> # Default-Start:
> # Default-Stop: 0 1 2 3 4 6
> # Short-Description: streaming server
> # Description: streaming server
> ### END INIT INFO
> # chkconfig: 345 84 84
>
> # Service-Name
> SERVICE="ffserver"
> USER_ACCOUNT="ffserver"
>
> # Source function library.
> . /etc/init.d/functions
>
>
> [ -f /usr/bin/$SERVICE ] || exit 0
>
> # Source config
> if [ -f /etc/sysconfig/$SERVICE ] ; then
>  . /etc/sysconfig/$SERVICE
> else
>  OPTIONS=""
> fi
>
> RETVAL=0
>
> start() {
>  if [ -n "`/sbin/pidof $SERVICE`" ]; then
>  RETVAL=0
>  action $"Starte $SERVICE" /bin/false
>  return $RETVAL
>  fi
>  daemon --user $USER_ACCOUNT $SERVICE $OPTIONS > /dev/null 2> /dev/null
>  RETVAL=$?
>  PROCESS_ID=`/sbin/pidof $SERVICE`
>  if [ "$PROCESS_ID" != "" ]; then
>  PROCESS_ID="(PID: $PROCESS_ID)"
>  fi
>  action $"Starte $SERVICE $PROCESS_ID" /bin/true
>  if [ -n "`/sbin/pidof $SERVICE`" ]; then
>  touch /var/lock/subsys/$SERVICE
>  return $RETVAL
>  else
>  RETVAL=127
>  return $RETVAL
>  fi
> }
>
> stop() {
>  if [ -z "`/sbin/pidof $SERVICE`" ]; then
>  RETVAL=0
>  action $"Beende $SERVICE" /bin/false
>  return $RETVAL
>  fi
>  PROCESS_ID=`/sbin/pidof $SERVICE`
>  if [ "$PROCESS_ID" != "" ]; then
>  PROCESS_ID="(PID: $PROCESS_ID)"
>  fi
>  killproc $SERVICE
>  RETVAL=$?
>  echo "Beende $SERVICE $PROCESS_ID"
>  [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$SERVICE
>  return $RETVAL
> }
>
> rhstatus() {
>  status $SERVICE
> }
>
> restart() {
>  stop
>  start
> }
>
> case "$1" in
>  start)
>   start
>  ;;
>  stop)
>   stop
>  ;;
>  status)
>   rhstatus
>  ;;
>  restart|reload)
>   restart
>  ;;
>  condrestart)
>   [ -f /var/lock/subsys/$SERVICE ] && restart || :
>  ;;
>  *)
>  echo $"Usage: $0 {start|stop|status|restart|condrestart}"
>  exit 1
> esac
>
> exit $?
>
>
>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
>


-- 
Best regards,
Michal

http://eventhorizon.pl/