В Thu, 28 May 2015 17:21:14 -0700 aaron_wri...@selinc.com пишет: > Brandon Philips <bran...@ifup.co> wrote on 05/28/2015 05:10:33 PM: > > Access to the system dbus is controlled by dbus policies. You will > > need to write a policy for giving this user access to the systemd1 > object. > > > > I compiled systemd without dbus support (--disable-dbus), and there is no > dbus daemon or dbus lib on the system. Is that a requirement to get the > functionality I want? I didn't see much need for dbus as the system works > quite well without it. Well, except for this of course. > > > On May 28, 2015 2:28 PM, <aaron_wri...@selinc.com> wrote: > >> I'm working on an embedded system, and I ran into a situation where > >> a non-root user needs to runs systemctl, but when I try I get: > >> ~ $ systemctl status > >> Failed to get D-Bus connection: No such file or directory > >> > >> So, I try with the suid bit on systemctl set, but then I get: > >> > >> ~ $ systemctl status > >> Failed to read server status: Operation not permitted > >> > >> My question is, is something broken, or is this expected behavior?
If you do not use D-Bus daemon systemd will be listening on private socket. In this case the only check it does is that peer runs as UID=0 (note - not EUID, so suid does not really help). I wonder how access control is implemented in kdbus case. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
