1

I want to write a daemon that launches after boot, before login, that does background communication over USB-rawhid with an Arduino microcontroller.

I would like to run this daemon as non-root.

I would also like to avoid creating a new user, just for this daemon.

Are there any system-generic users that could be (re)used for this?

I see in my /etc/shadow a user listed, named daemon but...

# su daemon
This account is currently not available.

I am currently targeting:

It would be a bonus if this generic user would be available in default Debian and Ubuntu installs.

AdminBee
  • 22,803
Bram
  • 879

1 Answers1

2

As mentioned by @Bib, the error message you receive when trying to switch to the daemon user is because the login shell of that user is set to /sbin/nologin. This is so that no-one can work as this user on the console, which is reasonable in order to avoid unwanted interference with services operated as that user. It does not mean that systemd is unable to run a program using that user's UID, so you can use the daemon user the way you intended.

Please note however that while it appears that the daemon user and group were originally introduced exactly for that purpose, it is nowadays actually the recommended approach to create dedicated "low-privileged" users for custom services you want to set up on your computer.

Since you explicitly stated that you want to run the service using systemd, you can use the User= directive to specify the user as which the binary is to be run. Just add

User=daemon

to the [Service] section of your .service file. See the systemd documentation for more info.

AdminBee
  • 22,803