fix(neuron): run service as neuron user, not cortex
All checks were successful
CI / Format, lint, build, test (push) Successful in 2m22s
CI / Build cortex SRPM (push) Successful in 43s
CI / Build neuron SRPM (push) Successful in 43s
CI / Publish neuron to COPR (push) Successful in 8m49s
CI / Publish cortex to COPR (push) Successful in 11m22s
CI / Bump version in source (push) Successful in 31s
All checks were successful
CI / Format, lint, build, test (push) Successful in 2m22s
CI / Build cortex SRPM (push) Successful in 43s
CI / Build neuron SRPM (push) Successful in 43s
CI / Publish neuron to COPR (push) Successful in 8m49s
CI / Publish cortex to COPR (push) Successful in 11m22s
CI / Bump version in source (push) Successful in 31s
neuron and cortex are independent packages installable on different hosts. Having neuron run under a 'cortex' system user implied a shared identity that doesn't exist. Give neuron its own user/group. - New data/neuron-sysusers.conf declares the neuron user/group with home /var/lib/neuron. - systemd unit User/Group changed to neuron. - Spec file attrs, explicit Provides, and %sysusers_create_compat updated to reference the neuron user. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -8,8 +8,8 @@ Type=simple
|
||||
ExecStart=/usr/bin/neuron --config /etc/neuron/neuron.toml
|
||||
Restart=on-failure
|
||||
RestartSec=5
|
||||
User=cortex
|
||||
Group=cortex
|
||||
User=neuron
|
||||
Group=neuron
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
Reference in New Issue
Block a user