On Fri, Jan 05, 2024 at 11:37:41PM +0100, Valerio Vanni wrote: > This way works, I don't know if it has security flaws. > ------------ > systemd-run --unit=kaffeine-resumed setpriv --reuid "$kafuid" --regid > "$kafgid" --init-groups --reset-env \ > env XDG_RUNTIME_DIR=/run/user/"$kafuid" $kafdis > XDG_CURRENT_DESKTOP=KDE \ > /usr/bin/kaffeine --lastchannel > /dev/null 2>&1 > ------------
systemd-run(1) appears to have its own --uid and --gid options. If you can live without supplementary groups and the variables that are set by --reset-env, you can probably drop the setpriv part and just use systemd-run's --uid and --gid. On the other hand, if it ain't broke....
