On 3/4/20 8:48 PM, jay.bur...@fujitsu.com wrote:
All,
I have a debate going on over which is the best way to recommend to
a development organization how to design a service shutdown. There are two
camps.
1.Use the ExecStop with an additional process that needs to ipc to the
services
main p
Hey Mantas,
Thanks for the reply.
On Wed, Mar 4, 2020 at 12:06 PM Mantas Mikulėnas wrote:
> On Wed, Mar 4, 2020 at 7:26 PM Matt Zagrabelny wrote:
>
>> Greetings,
>>
>> Do folks use non-root users to own AF_INET sockets
>>
>
> This bit *really* doesn't make sense.
>
Sure. That is why I asked i
Am 04.03.20 um 20:48 schrieb jay.bur...@fujitsu.com:
> I have a debate going on over which is the best way to recommend to
>
> a development organization how to design a service shutdown. There are two
>
> camps.
>
> 1. Use the ExecStop with an additional process that needs to ipc
> to
All,
I have a debate going on over which is the best way to recommend to
a development organization how to design a service shutdown. There are two
camps.
1. Use the ExecStop with an additional process that needs to ipc to the
services
main pid and wait for a response.
2. Use the
On Wed, Mar 4, 2020 at 7:26 PM Matt Zagrabelny wrote:
> Greetings,
>
> Do folks use non-root users to own AF_INET sockets
>
This bit *really* doesn't make sense. You're not changing the socket
ownership in your examples at all -- you're changing the *service's* user
account. Who owns the socket
Greetings,
Do folks use non-root users to own AF_INET sockets to limit root exposure
in their systemd socket units?
Is it even a sensible question?
Thanks for any commentary!
FWIW, here is my .socket and .service units:
==> /etc/systemd/system/cdr-adjunct@.service <==
[Unit]
Description=Call
