Instead of putting keyd.sock file directly in /run create a /run/onak
which can then be owned by the onak user. Otherwise keyd will have
problems creating the socket when activated directly instead of via the
socket unit file.
[Service]
User=onak
+ExecStartPre=/bin/mkdir -m 0755 /run/onak
+ExecStartPre=/bin/chown onak /run/onak
ExecStart=/usr/sbin/keyd -f
ExecStop=/usr/bin/keydctl quit
[Socket]
-ListenStream=/run/keyd.sock
+ListenStream=/run/onak/keyd.sock
SocketUser=onak
SocketMode=0660
loglevel=3
; Should we use the keyd backend?
use_keyd=false
-sock_dir=@CMAKE_INSTALL_FULL_RUNSTATEDIR@
+sock_dir=@CMAKE_INSTALL_FULL_RUNSTATEDIR@/onak
; Maximum number of keys to return in a reply to an index, verbose index or
; get. Setting it to -1 will allow any size of reply.
max_reply_keys=128
projects / onak.git / commitdiff