19

I need to create a service for a web server called daphne I would like to know what are the correct linux permissions for this. or if exists a general rule for whatever systemd service?

Rui F Ribeiro
  • 55,929
  • 26
  • 146
  • 227
Darwin
  • 293
  • 1
  • 2
  • 7

1 Answers1

29

Any local user can read the definition of any systemd system unit through the DBus interface (for example using systemctl show someUnitName), unless you have a custom DBus policy in place to prevent this.

Making the unit file not world-readable thus makes no sense and systemd will print a warning if applicable. Similarly, it will also warn if the unit file is marked executable.

Unless you want the unit file to be editable for a particular (non-root) user or group, stick to the same convention used for most other system files: 0644 root:root.

TooTea
  • 2,298
  • 9
  • 15
  • 4
    `systemd` can also manage **user** services, in which cases the definition goes into a user directory (such as `~/.config/systemd/user`) instead of `/etc/systemd`, and the owner would be the user, not root. – Rolf Feb 26 '19 at 23:54