importd: properly support operation in per-user mode

2026-04-14 00:14:32 +09:00 · 2025-07-25 08:25:29 +02:00
parent b76a76ac15
commit f7c72e8725
6 changed files with 189 additions and 78 deletions
--- a/units/user/meson.build
+++ b/units/user/meson.build
@@ -28,6 +28,16 @@ units = [
          'conditions' : ['ENABLE_MACHINED'],
          'symlinks' : ['sockets.target.wants/'],
        },
+        {
+          'file' : 'systemd-importd.service.in',
+          'conditions' : ['ENABLE_IMPORTD'],
+          'symlinks' : ['dbus-org.freedesktop.import1.service'],
+        },
+        {
+          'file' : 'systemd-importd.socket',
+          'conditions' : ['ENABLE_IMPORTD'],
+          'symlinks' : ['sockets.target.wants/'],
+        },
        { 'file' : 'paths.target' },
        { 'file' : 'printer.target' },
        { 'file' : 'session.slice' },
--- a/units/user/systemd-importd.service.in
+++ b/units/user/systemd-importd.service.in
@@ -0,0 +1,28 @@
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Disk Image Download Service
+Documentation=man:systemd-importd.service(8)
+Documentation=man:org.freedesktop.import1(5)
+
+[Service]
+Type=notify
+ExecStart={{LIBEXECDIR}}/systemd-importd --user
+BusName=org.freedesktop.import1
+KillMode=mixed
+NoNewPrivileges=yes
+MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+SystemCallFilter=@system-service @mount
+SystemCallErrorNumber=EPERM
+SystemCallArchitectures=native
+LockPersonality=yes
+{{SERVICE_WATCHDOG}}
--- a/units/user/systemd-importd.socket
+++ b/units/user/systemd-importd.socket
@@ -0,0 +1,18 @@
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Disk Image Download Service Socket
+Documentation=man:systemd-importd.service(8)
+Documentation=man:org.freedesktop.import1(5)
+
+[Socket]
+ListenStream=%t/systemd/io.systemd.Import
+FileDescriptorName=varlink
+SocketMode=0600