Eleven init systems enter, one init system leaves.
  • dwt@feddit.orgDeutsch
    11·
    2 days ago

    I like this, but even though pod man runs perfect rootless, quadlets can only run as root for now :-(

      • dwt@feddit.orgDeutsch
        1·
        18 hours ago

        How do you do that? Please link a description. This has been a major stumbling block for me

          • dwt@feddit.orgDeutsch
            1·
            15 hours ago

            Yeah, that works, but it means the services cannot be managed by systemctl as root anymore. Or am I missing something?

            • mholiv@lemmy.world
              1·
              12 hours ago

              You can if you want to. But I don’t think that is best practice. The idea of quadlets is the bring Linux norms to containers. You contain and manage all permissions for that container in that user.

              I personally have completely separated users and selinux mls contexts for each container group (formerly docker compose file) and I manage them thusly. It’s more annoying but it substantially more secure.

              This being said I think you can do it as root. I think this might work but I am not certain sudo systemctl --user -M theuser@ status myunit.service

      • Quik@infosec.pubEnglish
        3·
        1 day ago

        Same here; Rootless Podman Quadlets gang unite (there is two of us in total)

    • Quik@infosec.pub
      2·
      1 day ago

      Just place your Quadlets in the $HOME/.config/containers/systemd/ directory for this ;)

      The reference I linked to earlier also contains more information on rootless.

      • dwt@feddit.orgDeutsch
        1·
        18 hours ago

        While that is true, that is not how I would run services normally with SystemD. Those would be defined globally, but run as a user.

        Definitiv then in the user home, means that I dint see them with systemctl which is very annoying.