[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Question about writing systemd unit for old package

On 18/05/21 11:58 am, Paul Wise wrote:
On Mon, May 17, 2021 at 12:51 PM Khoa Tran Minh wrote:

A related question: The binary itself can drop privilege and run as
non-root, then should I use that native feature or use systemd User= when
writing a default config/unit ?

I would suggest to use systemd features for this.

Does that not depend on whether it does anything before dropping privileges? For example, a webserver can bind to low ports before dropping privilege. I imagine if the systemd service unit specified running as (eg) www-data, that wouldn't work.


Reply to: