• mholiv@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    7 hours ago

    You can if you want to. But I don’t think that is best practice. The idea of quadlets is the bring Linux norms to containers. You contain and manage all permissions for that container in that user.

    I personally have completely separated users and selinux mls contexts for each container group (formerly docker compose file) and I manage them thusly. It’s more annoying but it substantially more secure.

    This being said I think you can do it as root. I think this might work but I am not certain sudo systemctl --user -M theuser@ status myunit.service