UID(s), GID(s), and systemd

October 28, 2021
Containers
Systemd, Podman

Recently I was fiddling more with systemd+podman deployments and was wondering why I didn’t get output when running journalctl --user. This had been bothering me for a long time. I’d open another shell up and watch the journal as root on a system when I was trying to debug a “daemonized rootless-as-non-root” deployment. The goal of putting all context for an application deployment into a user slice was mired by a need to watch the root journal…

Turns out that this is expected behavior when you instance users with a UID below 1000. This wasn’t obvious until I’d spotted a line in the ArchWiki that referenced the systemd codebase. Turns out the folks building systemd are kind enough to provide an extremely readable guide to these principles as well.

So this update is attempting to put some flesh on the measly bones of the “server” section of this “book” since this deployment pathway has come up in a decent amount of my meatspace discussion of late.