Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

systemd_service: Support for the "machine" parameter #82958

Open
1 task done
jimmy-lt opened this issue Apr 2, 2024 · 3 comments · May be fixed by #82959
Open
1 task done

systemd_service: Support for the "machine" parameter #82958

jimmy-lt opened this issue Apr 2, 2024 · 3 comments · May be fixed by #82959
Labels
feature This issue/PR relates to a feature request. has_pr This issue has an associated PR. module This issue/PR relates to a module.

Comments

@jimmy-lt
Copy link

jimmy-lt commented Apr 2, 2024
edited

Summary

When trying to run systemd as another user, the following is advised:

- name: Run a user service when XDG_RUNTIME_DIR is not set on remote login
  ansible.builtin.systemd_service:
    name: myservice
    state: started
    scope: user
  environment:
    XDG_RUNTIME_DIR: "/run/user/{{ myuid }}"

However, this may not always work and can fail in various ways, typically:

Failed to connect to bus: Operation not permitted

Since systemd 248, the --machine option is available to to open a connection to the session bus of a specific user.

Issue Type

Feature Idea

Component Name

systemd_service

Additional Information

- name: Run from within a specific user session
  ansible.builtin.systemd_service:
    name: myservice
    state: started
    scope: user
    machine: myuser@.host

Code of Conduct

  • I agree to follow the Ansible Code of Conduct
@ansibot ansibot added feature This issue/PR relates to a feature request. needs_triage Needs a first human triage before being processed. module This issue/PR relates to a module. labels Apr 2, 2024
@ansibot
Copy link
Contributor

ansibot commented Apr 2, 2024

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the component bot command.

jimmy-lt added a commit to jimmy-lt/ansible that referenced this issue Apr 2, 2024
@jimmy-lt
systemd_service - Add the machine parameter (ansible#82958)
8ceea6f 
systemctl's `--machine` option execute the operation in the context of a local
user session or a local container.

This provides a failsafe way to run systemd on behalf of another user than
setting the `XDG_RUNTIME_DIR` variable.

Signed-off-by: Jimmy Thrasibule <dev@jimmy.lt>
@jimmy-lt jimmy-lt linked a pull request Apr 2, 2024 that will close this issue
Open
@ansibot ansibot added the has_pr This issue has an associated PR. label Apr 2, 2024
@konstruktoid
Copy link
Contributor

Out of curiosity, wouldn't it be advised to use become_user as well, in order not to trigger the permission issue?

@jimmy-lt
Copy link
Author

jimmy-lt commented Apr 2, 2024

become_user does overcome the permission denied issue. The --machine option however provides better integration with systemd and simplifies the task definition (no become or environment required).

jimmy-lt added a commit to jimmy-lt/ansible that referenced this issue Apr 2, 2024
@jimmy-lt
systemd_service - Add the machine parameter (ansible#82958)
ec6688e 
systemctl's `--machine` option execute the operation in the context of a local
user session or a local container.

This provides a failsafe way to run systemd on behalf of another user than
setting the `XDG_RUNTIME_DIR` variable.

Signed-off-by: Jimmy Thrasibule <dev@jimmy.lt>
@nitzmahone nitzmahone removed the needs_triage Needs a first human triage before being processed. label Apr 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature This issue/PR relates to a feature request. has_pr This issue has an associated PR. module This issue/PR relates to a module.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

systemd_service - Add the machine parameter (#82958) jimmy-lt/ansible
4 participants
@jimmy-lt @ansibot @nitzmahone @konstruktoid