contributed systemd unit doesn't work in user session #49
Comments
Many unit options are documented to not work in the user daemons, usually with the following note in the systemd.exec(5) man page: > This option is only available for system services and is not supported > for services running in per-user instances of the service manager. In some circumstances these settings work where user namespaces are supported (by setting the `PrivateUser` option). However users namespaces are disabled on most distributions. This changeset pares the options to those supported in user daemons to allow for ease of use for users. Fixes: FiloSottile#49
|
As a datapoint, I have the provided unit file running unmodified (other than executable path) on my machine as a user service. I believe the capability to use particular options is distro-specific; I’m running on nixos. Indeed the systemd issue you linked says
I’m not sure the right solution here. I guess we want distributions to package a unit that uses at many of the given options that work, but ultimately it’s the packager’s job to make it work. |
|
For what it's worth, I'm on NixOS 20.03. |
|
Huh. Well i recently packaged yubikey-agent for NixOS unstable so I’m unsure what might have changed in the meantime. |
|
I'm unsure. Do you have a different kernel (5.4.58) or systemd (243.7)? I'm happy to move NixOS conversation elsewhere. |
|
It looks like this requires systemd/systemd@5749f85 which is in systemd v245. Let me see about fetching this from unstable. |
|
Can confirm, using 245.6 from unstable results in the unmodified unit file working. Looking at Repology, it looks like this version is available on most of the common desktop distributions I'm aware of (backports on Debian Stable, Ubuntu 20.04 LTS, Fedora 32). Biggest outliers look to be NixOS 20.03 and Raspian Stable. |
Many unit options are documented to not work in the user daemons, usually with the following note in the systemd.exec(5) man page: > This option is only available for system services and is not supported > for services running in per-user instances of the service manager. In some circumstances these settings work where user namespaces are supported (by setting the `PrivateUser` option). However users namespaces are disabled on most distributions. This changeset pares the options to those supported in user daemons to allow for ease of use for users. Fixes #49
The systemd unit at /contrib/systemd/user/yubikey-agent.service implies that it is suitable for the user systemd daemon, however it contains options that required privileges to run, resulting in errors similar to the following:
This is reflected in similar issues upsteam, such as systemd/systemd#9870. I can try paring the list down to options that work.
The text was updated successfully, but these errors were encountered: