I’ve inherited a systemd service and it uses BindReadOnlyPaths to make certain paths available to the service (doc)
A bind mount makes a particular file or directory available at an additional place in the unit’s view of the file system. Any bind mounts created with this option are specific to the unit, and are not visible in the host’s mount table.
The service is running using a specific user and I would like the user to access those read-only paths outside of the service. Is there a possibility within systemd that would allow me to do that?
As in, the solution should use systemd, i.e. no “just sudo mount --bind -o ro /src /dst bro”. Then when I sudo -u $serviceUser cat $mountPath, it should output the contents of the file instead of just nothing.
Anti Commercial-AI license
Well, just create another service with mounted paths and run a shell script inside it, or use systemd-run --property ... ?
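The systemd-run route suggested in the reply, as an added example that is not part of the original thread: it reads unit text on stdin, collects the effective BindReadOnlyPaths= entries, and prints a systemd-run command that opens a shell for the service user with the same read-only mounts. The user name `svcuser`, the sample paths and the function names are constructed; it assumes path specs contain no whitespace or quoting.

```shell
#!/bin/sh
# Added example: rebuild a unit's BindReadOnlyPaths= as a systemd-run command.

# Constructed sample unit text (stands in for the output of `systemctl cat`).
sample_unit() {
    cat <<'EOF'
[Service]
User=svcuser
BindReadOnlyPaths=/old/path
BindReadOnlyPaths=
BindReadOnlyPaths=/srv/data:/data -/etc/app.conf
EOF
}

# Read unit text on stdin, print one path spec per line.
# systemd list semantics: an empty assignment resets the list,
# every other assignment appends its whitespace-separated entries.
bind_ro_paths() {
    specs=""
    while IFS= read -r line; do
        case "$line" in
            BindReadOnlyPaths=)  specs="" ;;
            BindReadOnlyPaths=*) specs="$specs ${line#BindReadOnlyPaths=}" ;;
        esac
    done
    # Unquoted on purpose: split the accumulated value into single specs.
    set -- $specs
    [ $# -eq 0 ] || printf '%s\n' "$@"
}

# Read unit text on stdin, print a systemd-run command line that gives
# user $1 an interactive shell inside a transient unit with those mounts.
run_command() {
    user=$1
    cmd="systemd-run --pty --wait --collect --uid=$user"
    for spec in $(bind_ro_paths); do
        # Specs pass through unchanged, including "src:dst" and the "-" prefix.
        cmd="$cmd --property=BindReadOnlyPaths=$spec"
    done
    printf '%s /bin/sh\n' "$cmd"
}

sample_unit | run_command svcuser
```

The printed command has to be run as root against the system manager, and the bind mounts exist only inside that transient unit, as the quoted documentation says.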