I'd like users in group foogroup
to be able to:
systemctl start foo.service
,systemctl stop foo.service
,systemctl status foo.service
, andjournalctl -u foo.service
without using elevated privileges. Is that possible?
I have a systemd service which looks like:
[Unit]
Description=foo service
[Service]
Type=simple
ExecStart=/bin/sleep infinity
User=foobot
Group=foogroup
Where foobot
is a system user.
I know we can install the unit file to ~/.config/systemd/user/
to allow an unprivileged user to use systemd, but this doesn't really help a group.
Note: I plan on using the sd-bus API from libsystem-dev
and cockpit so adding systemctl
to /etc/sudoers
isn't going to help.
I don't care as much about systemctl enable
, it's fine if I need elevated privilages for that.
polkit
. I'm not sure how to use it yet, so I'm doing some research in that direction. – Stewart Mar 18 '19 at 07:33