Bug#966058: systemd: PrivateTmp=true applied for ExecStartPre=+/binary

Drexl Johannes johannes.drexl at lrz.de
Wed Jul 22 12:52:52 BST 2020


Package: systemd
Version: 241-7~deb10u4
Severity: normal

Dear Maintainer,

I have a binary that has to be started with PrivateTmp=true, but one of
the pre-tasks is to be executed as root and has to write to the
non-private part of /tmp. This should be possible, if I read the
documentation on prefixes (in systemd.service) right.
My testbed looks like this:

[Service]
Type=oneshot
User=someuser
Group=somegroup
# Test
ExecStartPre=+/bin/touch /tmp/servicetest
ExecStart=/bin/true
PrivateTmp=true

I expected the file /tmp/servicetest to be created after running the
service, as it correctly is (as root:root) when PrivateTmp is default
(false). Alas it's not the case when set to 'true'. Is there anything I
missed out?

-- Package-specific info:

-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-9-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd depends on:
ii  adduser          3.118
ii  libacl1          2.2.53-4
ii  libapparmor1     2.13.2-10
ii  libaudit1        1:2.8.4-3
ii  libblkid1        2.33.1-0.1
ii  libc6            2.28-10
ii  libcap2          1:2.25-2
ii  libcryptsetup12  2:2.1.0-5+deb10u2
ii  libgcrypt20      1.8.4-5
ii  libgnutls30      3.6.7-4+deb10u4
ii  libgpg-error0    1.35-1
ii  libidn11         1.33-2.2
ii  libip4tc0        1.8.2-4
ii  libkmod2         26-1
ii  liblz4-1         1.8.3-1
ii  liblzma5         5.2.4-1
ii  libmount1        2.33.1-0.1
ii  libpam0g         1.3.1-5
ii  libseccomp2      2.3.3-4
ii  libselinux1      2.8-1+b1
ii  libsystemd0      241-7~deb10u4
ii  mount            2.33.1-0.1
ii  util-linux       2.33.1-0.1

Versions of packages systemd recommends:
ii  dbus            1.12.16-1
ii  libpam-systemd  241-7~deb10u4

Versions of packages systemd suggests:
ii  policykit-1        0.105-25
pn  systemd-container  <none>

Versions of packages systemd is related to:
pn  dracut           <none>
ii  initramfs-tools  0.133+deb10u1
ii  udev             241-7~deb10u4

-- Configuration Files:
/etc/systemd/timesyncd.conf changed [not included]

-- no debconf information
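
The expectation in the report can be checked against the prefix rules in systemd.service(5) with a small classifier. This is an added example, not code from the reporter or from systemd: it only reports what the documentation says each `Exec*=` line should see, it does not run systemd, and it assumes a system (not user) unit. The second `ExecStartPre=` line with the `!` prefix is a hypothetical addition for contrast.

```python
import re

# Constructed sample: the unit from the report plus one hypothetical "!" line.
UNIT = """\
[Service]
Type=oneshot
User=someuser
Group=somegroup
ExecStartPre=+/bin/touch /tmp/servicetest
ExecStartPre=!/bin/touch /tmp/othertest
ExecStart=/bin/true
PrivateTmp=true
"""

TRUE_VALUES = ("1", "yes", "y", "true", "t", "on")  # systemd boolean spellings


def classify(unit_text):
    """Return (key, command, runs_as, tmp_view) per Exec*= line, as documented."""
    settings, execs = {}, []
    for line in unit_text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", ";", "[")) or "=" not in line:
            continue
        key, _, value = line.partition("=")
        if key.startswith("Exec"):
            execs.append((key, value.strip()))
        else:
            settings[key.strip()] = value.strip()

    private = settings.get("PrivateTmp", "false").lower() in TRUE_VALUES
    user = settings.get("User", "root")
    rows = []
    for key, value in execs:
        # Leading special characters may be combined: "@", "-", "+", "!", "!!".
        prefix, cmd = re.match(r"^([@\-+!]*)(.*)$", value).groups()
        full = "+" in prefix  # "+": User=/Group= and namespacing are not applied
        # "!": only credentials are lifted, namespacing still applies.
        # "!!" is left as User=: it only acts on kernels without ambient caps.
        elevated = full or prefix.count("!") == 1
        runs_as = "root" if elevated else user
        tmp_view = "private" if private and not full else "host"
        rows.append((key, cmd, runs_as, tmp_view))
    return rows


if __name__ == "__main__":
    for row in classify(UNIT):
        print(row)
```

Per the documentation, the `+` line is the only one expected to see the host's /tmp; a `!` line would run as root but still inside the private /tmp.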