From 67182fbc1062c543751dac3676c33b8da0dcead5 Mon Sep 17 00:00:00 2001 From: inclyc Date: Sun, 4 Sep 2022 19:54:21 +0800 Subject: [PATCH] docs: [example][systemd] use `DynamicUser=yes` (#186) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch fixes a warning generated by some new version of systemd. Use "User=nobody" seems to be considered unsafe. So maybe we need to fix it in our example files. ● ratholec@hitmc.service - Rathole Client Service Loaded: loaded (/etc/systemd/system/ratholec@.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2022-09-03 23:38:43 CST; 1h 27min ago Main PID: 507903 (rathole) Tasks: 14 (limit: 76731) Memory: 6.9M CPU: 39.908s CGroup: /system.slice/system-ratholec.slice/ratholec@hitmc.service └─507903 /usr/local/bin/rathole -c /etc/rathole/hitmc.toml Sep 03 23:38:43 systemd[1]: Started Rathole Client Service. ... Sep 03 23:39:25 systemd[1]: /etc/systemd/system/ratholec@.service:7: Special user nobody configured, this is not safe! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969329 Link: https://github.com/trojan-gfw/trojan/issues/612 Link: https://www.vvave.net/archives/fix-the-systemd-error-special-user-nobody-configured-this-is-not-safe.html --- examples/systemd/rathole@.service | 2 +- examples/systemd/ratholec.service | 2 +- examples/systemd/ratholec@.service | 2 +- examples/systemd/ratholes.service | 2 +- examples/systemd/ratholes@.service | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/examples/systemd/rathole@.service b/examples/systemd/rathole@.service index c502607..508ba32 100644 --- a/examples/systemd/rathole@.service +++ b/examples/systemd/rathole@.service @@ -4,7 +4,7 @@ After=network.target [Service] Type=simple -User=nobody +DynamicUser=yes Restart=on-failure RestartSec=5s ExecStart=/usr/bin/rathole /etc/rathole/%i.toml diff --git a/examples/systemd/ratholec.service b/examples/systemd/ratholec.service index 898edcb..742c750 100644 --- a/examples/systemd/ratholec.service +++ b/examples/systemd/ratholec.service @@ -4,7 +4,7 @@ After=network.target [Service] Type=simple -User=nobody +DynamicUser=yes Restart=on-failure RestartSec=5s ExecStart=/usr/bin/rathole -c /etc/rathole/rathole.toml diff --git a/examples/systemd/ratholec@.service b/examples/systemd/ratholec@.service index c66c0f1..472a02e 100644 --- a/examples/systemd/ratholec@.service +++ b/examples/systemd/ratholec@.service @@ -4,7 +4,7 @@ After=network.target [Service] Type=simple -User=nobody +DynamicUser=yes Restart=on-failure RestartSec=5s ExecStart=/usr/bin/rathole -c /etc/rathole/%i.toml diff --git a/examples/systemd/ratholes.service b/examples/systemd/ratholes.service index 7f8964f..62e5031 100644 --- a/examples/systemd/ratholes.service +++ b/examples/systemd/ratholes.service @@ -4,7 +4,7 @@ After=network.target [Service] Type=simple -User=nobody +DynamicUser=yes Restart=on-failure RestartSec=5s ExecStart=/usr/bin/rathole -s /etc/rathole/rathole.toml diff --git a/examples/systemd/ratholes@.service b/examples/systemd/ratholes@.service index 7042429..c101612 100644 --- a/examples/systemd/ratholes@.service +++ b/examples/systemd/ratholes@.service @@ -4,7 +4,7 @@ After=network.target [Service] Type=simple -User=nobody +DynamicUser=yes Restart=on-failure RestartSec=5s ExecStart=/usr/bin/rathole -s /etc/rathole/%i.toml