Systemd sysusers directory (#68)

Signed-off-by: Lorenzo Fontana <lo@linux.com>
2025-03-14 14:16:16 +01:00 · 2018-04-06 12:26:50 +02:00 · 2018-04-06 12:26:50 +02:00 · 39c9f7ed76
commit 39c9f7ed76
parent 73c6d4de27
3 changed files with 8 additions and 3 deletions
--- a/systemd/README.md
+++ b/systemd/README.md
@ -3,3 +3,7 @@
 Use `coredns.service` as a systemd service file. It defaults to using a "coredns" user with
 a homedir of `/var/lib/coredns` and the binary lives in `/usr/bin` and the config in
 `/etc/coredns/Corefile`.
+
+In order to work, the systemd unit needs a user named `coredns`, an handy way to provide
+it is to use the `systemd-sysusers` service by installing the `coredns-sysusers.conf` file in the
+`sysusers.d` folder (e.g: `/usr/lib/sysusers.d`).
--- a/systemd/coredns-sysusers.conf
+++ b/systemd/coredns-sysusers.conf
@ -0,0 +1 @@
+u coredns - "CoreDNS is a DNS server that chains plugins " /
--- a/systemd/coredns.service
+++ b/systemd/coredns.service
@ -7,9 +7,9 @@ After=network.target
 PermissionsStartOnly=true
 LimitNOFILE=1048576
 LimitNPROC=512
-CapabilityBoundingSet=CAP_NET_BIND_SERVICE 
-AmbientCapabilities=CAP_NET_BIND_SERVICE 
-NoNewPrivileges=true 
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+NoNewPrivileges=true
 User=coredns
 WorkingDirectory=~
 ExecStart=/usr/bin/coredns -conf=/etc/coredns/Corefile
				`@ -0,0 +1 @@`
				`u coredns - "CoreDNS is a DNS server that chains plugins " /`