I’ve inherited a systemd service and it uses BindReadOnlyPaths to make certain paths available to the service (doc)
A bind mount makes a particular file or directory available at an additional place in the unit’s view of the file system. Any bind mounts created with this option are specific to the unit, and are not visible in the host’s mount table.
The service is running using a specific user and I would like the user to access those read-only paths outside of the service. Is there an possibility within systemd that would allow me to do that?
Edit: solved it with a systemd bind mount
What do you meam by outside of service, but within systemd?
As in the solution should use systemd i.e no “just
sudo mount --bind -o ro /src /dstbro”. Then when Isudo -u $serviceUser cat $mountPath, it should output the contents of the file instead of just nothing.Anti Commercial-AI license
Well just create another service with mounted paths and run shell script inside it or use
systemd run --property ...?