data: tell systemd to create state directory (!5) · Merge requests · libfprint / fprintd

Will Thompson requested to merge wjt/fprintd:create-state-directory into master Mar 04, 2019

If the directory referred to by ReadWritePaths= does not exist, the service fails to start:

systemd[1]: Starting Fingerprint Authentication Daemon...
systemd[9736]: fprintd.service: Failed to set up mount namespacing: No such file or directory
systemd[9736]: fprintd.service: Failed at step NAMESPACE spawning /usr/lib/fprintd/fprintd: No such file or directory
systemd[1]: fprintd.service: Main process exited, code=exited, status=226/NAMESPACE
systemd[1]: fprintd.service: Failed with result 'exit-code'.
systemd[1]: Failed to start Fingerprint Authentication Daemon.

This may happen when booting with an empty /var filesystem.

For a system service, StateDirectory=fprint causes /var/lib/fprint and any parent directories to be created if missing (with mode 0755 by default, owned by the user and group of the service, which in this case is root). systemd.exec(5) does not say explicitly that, in combination with ProtectSystem=strict, the state directory will be mounted read-write, but in fact it is.

I know that this will not do the right thing in the case where ~~@libexecdir@~~ @localstatedir@ is not /var; I suppose one could specify both, and ReadWritePaths= would be redundant in the common case.

Edited Mar 04, 2019 by Will Thompson

data: tell systemd to create state directory

Merge request reports