I'm following the Dynamic Users with systemd post and creating the waldo.socket and waldo.service.
Here is my waldo.socket.
[Socket]
ListenStream=2048
Accept=yes
And the corresponding waldo@.service:
[Service]
ExecStart=-sleep 300
DynamicUser=yes
It works nicely, but I discovered that all sleep 300 are launched with the same UID.
$ ps fax -o uid,pid,cmd | grep sleep
61647 87279 sleep 300
61647 87282 sleep 300
61647 87285 sleep 300
I'd like to have each instance of the service using a distinct UID, as is implied in that article:
"By combining dynamic user IDs with socket activation you may easily implement a system where each incoming connection is served by a process instance running as a different, fresh, newly allocated UID within its own sandbox."
What am I doing wrong?