Hi,
I created a systemd service to automatically spawn a tmux session upon system boot:
❯ cat /etc/systemd/system/tmux@cig0.service
[Unit]
Description=Start tmux in detached session
[Service]
Type=forking
User=%I
ExecStart=/usr/bin/tmux new-session -s %u -d
ExecStop=/usr/bin/tmux kill-session -t %u
[Install]
WantedBy=multi-user.target
Now, because the file is installed in a directory which - I presume - is labeled by SELinux as belonging to the user root, systemd is unable to launch tmux with my system user:
/🔒 took 4s ✖1 ❯ sudo systemctl status tmux@cig0.service
× tmux@cig0.service - Start tmux in detached session
Loaded: loaded (/etc/systemd/system/tmux@cig0.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2022-10-30 02:52:52 -03; 3s ago
Process: 37194 ExecStart=/usr/local/bin/tmux new-session -s root -d (code=exited, status=203/EXEC)
CPU: 1ms
Oct 30 02:52:52 vittusaatana systemd[1]: Starting tmux@cig0.service - Start tmux in detached session...
Oct 30 02:52:52 vittusaatana systemd[37194]: tmux@cig0.service: Failed to locate executable /usr/local/bin/tmux: No such file or directory
Oct 30 02:52:52 vittusaatana systemd[37194]: tmux@cig0.service: Failed at step EXEC spawning /usr/local/bin/tmux: No such file or directory
Oct 30 02:52:52 vittusaatana systemd[1]: tmux@cig0.service: Control process exited, code=exited, status=203/EXEC
Oct 30 02:52:52 vittusaatana systemd[1]: tmux@cig0.service: Failed with result 'exit-code'.
Oct 30 02:52:52 vittusaatana systemd[1]: Failed to start tmux@cig0.service - Start tmux in detached session.
I tried removing any attributes from the tmux binary, but it fails because the directory where it lies is mounted as Read-only – which makes sense since it is managed by OSTree:
/ ❯ setfattr -x security.selinux /usr/bin/tmux
setfattr: /usr/bin/tmux: Read-only file system
Does anybody know if there's a way to change the SELinux context for those files under the umbrella of OSTree?
Thanks!