Am Dienstag, 18. November 2014, 23:31:53 schrieb Steve Langasek: > On Tue, Nov 18, 2014 at 07:47:59PM +0100, Matthias Urlichs wrote: > > Your specific package may well have different and non-general > > requirements, > > in which case > > > > > >> ExecStart=sudo -u $USER_MINIDLNA -g GROUP_MINIDLNA > > > >> /usr/sbin/minidlnad -S > > > > is an adequate and perfectly serviceable answer to your question. > > > > > init script has the ability to change the user and this is really useful > > > because the multimedia file are likely owned by you and in your home > > > directory by daemon and not minidlna and why should you belong to > > > minidlna > > > group?... > > > > Maybe because Debian is a multiuser system AIUI, so running the daemon as > > a > > specific "normal" user didn't even occur to me. Sorry! > > > > > But again this does not really slpit the script to configurable option > > > that > > > will not be overwritten when upgrading... > > > > The idea is for the package to ship a /lib/systemd/system/PACKAGE.service > > file which uses a "generic" user+group. You can then add a file > > /etc/systemd/system/PACKAGE.service which merely overwrites user+group > > settings and does not contain any other entries, in which case they'll > > be inherited from the file in /lib. No overwriting on update will happen. > > > > If you already do have an /etc/default/PACKAGE file, the sudo method's > > advantage is that you can just use an EnvironmentFile= stanza, and thus > > don't need to keep that and /etc/systemd/system/PACKAGE.service in sync > > somehow. > > The disadvantage of the sudo method is that you are spawning a PAM session, > which is not desirable for any service. > > Preferable would be to parse any existing config file for non-default user > settings as part of the package upgrade and write out > /etc/systemd/system/PACKAGE.service with only these non-default values, > avoiding any variable substitution or sudo invocation entirely.
This may break hibernation and probably suspend to disk unless dbus policy for it is changed. I reported a bug about it sometime ago. -- Martin 'Helios' Steigerwald - http://www.Lichtvoll.de GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7
signature.asc
Description: This is a digitally signed message part.
