I'd like users in group foogroup to be able to:
systemctl start foo.service,systemctl stop foo.service,systemctl status foo.service, andjournalctl -u foo.service
without using elevated privileges. Is that possible?
I have a systemd service which looks like:
[Unit] Description=foo service [Service] Type=simple ExecStart=/bin/sleep infinity User=foobot Group=foogroup Where foobot is a system user.
I know we can install the unit file to ~/.config/systemd/user/ to allow an unprivileged user to use systemd, but this doesn't really help a group.
Note: I plan on using the sd-bus API from libsystem-dev and cockpit so adding systemctl to /etc/sudoers isn't going to help.
I don't care as much about systemctl enable, it's fine if I need elevated privilages for that.