Re: [systemd-devel] specialized user sessions for running large processes

2018-10-05 Thread Lennart Poettering
On Mi, 03.10.18 11:29, Thomas Blume (thomas.bl...@suse.com) wrote: > > I mean not sure what you are asking for. *every* userspace process in > > systemd needs to be managed under a unit. The cgroup tree is > > universal, you cannot have processes outside of it, thus you have to > > pick a unit. >

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-03 Thread Thomas Blume
On Dienstag 2018-10-02 17:27, Lennart Poettering wrote: On Di, 02.10.18 16:44, Thomas Blume (thomas.bl...@suse.com) wrote: On Dienstag 2018-10-02 16:17, Lennart Poettering wrote: Not sure I follow. System users should have a UID below 1000 (or whatever your OS defines as boundary between sys

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-02 Thread Mantas Mikulėnas
On Tue, Oct 2, 2018 at 9:25 PM Andrei Borzenkov wrote: > 02.10.2018 19:52, Mantas Mikulėnas пишет: > > On Tue, Oct 2, 2018 at 4:44 PM Thomas Blume > wrote: > > > >> Hi, > >> > >> there is some large software like SAP or Oracle out there that need to > >> be started/stopped via special users. > >

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-02 Thread Mike Gilbert
On Tue, Oct 2, 2018 at 2:24 PM Andrei Borzenkov wrote: > Please do not start telling that it can be done differently. Until SAP > implements *SUPPORTED* different solution (startup files are maintained > by SAP installer automatically among other things) using login shell is > the only supported w

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-02 Thread Andrei Borzenkov
02.10.2018 19:52, Mantas Mikulėnas пишет: > On Tue, Oct 2, 2018 at 4:44 PM Thomas Blume wrote: > >> Hi, >> >> there is some large software like SAP or Oracle out there that need to >> be started/stopped via special users. >> > > What exactly do you mean by "via special users", and why is that? A

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-02 Thread Mantas Mikulėnas
On Tue, Oct 2, 2018 at 4:44 PM Thomas Blume wrote: > Hi, > > there is some large software like SAP or Oracle out there that need to > be started/stopped via special users. > What exactly do you mean by "via special users", and why is that? Anything that a "special user" can start, a .service uni

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-02 Thread Lennart Poettering
On Di, 02.10.18 16:44, Thomas Blume (thomas.bl...@suse.com) wrote: > On Dienstag 2018-10-02 16:17, Lennart Poettering wrote: > > > Not sure I follow. System users should have a UID below 1000 (or > > whatever your OS defines as boundary between system and regular > > users). > > Sure, but even U

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-02 Thread Thomas Blume
On Dienstag 2018-10-02 16:17, Lennart Poettering wrote: Not sure I follow. System users should have a UID below 1000 (or whatever your OS defines as boundary between system and regular users). Sure, but even UID 0 would be still amongst the user.slice and get the user restrictions, right? Mo

Re: [systemd-devel] specialized user sessions for running large processes

2018-10-02 Thread Lennart Poettering
On Di, 02.10.18 15:32, Thomas Blume (thomas.bl...@suse.com) wrote: > Hi, > > there is some large software like SAP or Oracle out there that need to > be started/stopped via special users. > > At system boot, they get started via a user session and inherit the > restrictions from the user slice.