generated from ublue-os/udev-rules
-
Notifications
You must be signed in to change notification settings - Fork 28
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Attempt to fix "Temporary failure in name resolution"
in automatic rpm-ostree update script.
- Loading branch information
1 parent
2978e9e
commit ff2a042
Showing
1 changed file
with
32 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
[Unit] | ||
Description=rpm-ostree System Management Daemon | ||
Documentation=man:rpm-ostree(1) | ||
ConditionPathExists=/ostree | ||
RequiresMountsFor=/boot | ||
Wants=network-online.target | ||
After=network-online.target | ||
|
||
[Service] | ||
# See similar code in rpm-ostree-countme.service | ||
User=rpm-ostree | ||
DynamicUser=yes | ||
# As of right now, our primary API is DBus. But see also https://github.com/coreos/rpm-ostree/issues/3850 | ||
Type=dbus | ||
BusName=org.projectatomic.rpmostree1 | ||
# To use the read-only sysroot bits | ||
MountFlags=slave | ||
# We have no business accessing /var/roothome or /var/home. In general | ||
# the ostree design clearly avoids touching those, but since systemd offers | ||
# us easy tools to toggle on protection, let's use them. In the future | ||
# it'd be nice to do something like using DynamicUser=yes for the main service, | ||
# and have a system rpm-ostreed-transaction.service that runs privileged | ||
# but as a subprocess. | ||
ProtectHome=true | ||
NotifyAccess=main | ||
# Significantly bump this timeout from the default because | ||
# we do a lot of stuff on daemon startup. | ||
TimeoutStartSec=5m | ||
# We start this main process with full privileges; it may spawn unprivileged processes | ||
# with the rpm-ostree user. | ||
ExecStart=+rpm-ostree start-daemon | ||
ExecReload=rpm-ostree reload |