I'd like users in group foogroup
to be able to:
systemctl start foo.service
,systemctl stop foo.service
,systemctl status foo.service
, andjournalctl -u foo.service
without using elevated privileges. Is that possible?
I have a systemd service which looks like:
[Unit]
Description=foo service
[Service]
Type=simple
ExecStart=/bin/sleep infinity
User=foobot
Group=foogroup
Where foobot
is a system user.
I know we can install the unit file to ~/.config/systemd/user/
to allow an unprivileged user to use systemd, but this doesn't really help a group.
Note: I plan on using cockpit so adding systemctl
to /etc/sudoers
isn't going to help.
Best Answer
In /etc/polkit-1/rules.d/10-myservice.rules